There seem to be various TLS settings inside MariaDB configuration right now, but it's depending on the wildcard cert (should have a new keypair instead) and no ciphers have been configured yet.
OpenSSL has a preference over yaSSL, although it looks like we're already using the MariaDB version with OpenSSL support compiled, so that's great. The goal of this task is not to require TLS connections yet, just to make it working properly so we can concentrate on the clients afterwards.