show in mariadb cli whether server cert was verified

client/mysql.cc

@@ -5049,8 +5049,8 @@ com_status(String *buffer __attribute__((unused)),
 
 #if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)
   if ((status_str= mysql_get_ssl_cipher(&mysql)))
-    tee_fprintf(stdout, "SSL:\t\t\tCipher in use is %s\n",
-                status_str);
+    tee_fprintf(stdout, "SSL:\t\t\tCipher in use is %s, cert is %s\n",
+                status_str, opt_ssl_verify_server_cert ? "OK" : "UNKNOWN");
   else
 #endif /* HAVE_OPENSSL && !EMBEDDED_LIBRARY */
     tee_puts("SSL:\t\t\tNot in use", stdout);

mysql-test/main/mysql.result

@@ -640,3 +640,18 @@ WARNING: option --enable-cleartext-plugin is obsolete.
 #
 # MDEV-30327 Client crashes in print_last_query_cost
 #
+#
+# show whether server cert was verified
+#
+create user ser@localhost identified by "ass";
+MYSQL --disable-ssl-verify-server-cert -e "\s"
+
+SSL:			Cipher in use is XXX, cert is UNKNOWN
+
+
+MYSQL --ssl-verify-server-cert -e "\s"
+
+SSL:			Cipher in use is XXX, cert is OK
+
+
+drop user ser@localhost;

mysql-test/main/mysql.test

@@ -725,3 +725,15 @@ drop table t1;
 --exec $MYSQL --show-query-costs --port=$MASTER_MYPORT -e "show tables in mysql like 'foo'"
 --enable_result_log
 --enable_query_log
+
+--echo #
+--echo # show whether server cert was verified
+--echo #
+create user ser@localhost identified by "ass";
+--echo MYSQL --disable-ssl-verify-server-cert -e "\\s"
+--replace_regex /^.[^S].*// /\b[-A-Z_0-9]+,/XXX,/
+--exec $MYSQL -user -pass --disable-ssl-verify-server-cert -e "\\s"
+--echo MYSQL --ssl-verify-server-cert -e "\\s"
+--replace_regex /^.[^S].*// /\b[-A-Z_0-9]+,/XXX,/
+--exec $MYSQL -user -pass --ssl-verify-server-cert -e "\\s"
+drop user ser@localhost;