Enabling SSL on MariaDB

bq3bfh9z posted on 2021-06-20 in Mysql
Follow (0) | Answers (1) | Views (276)

I am trying to enable SSL on MariaDB running in a Docker container. I made the following changes in the /etc/mysql/my.cnf file:

ssl-ca=/etc/certs/client-cert.pem
ssl-cert=/etc/certs/server-cert.pem
ssl-key=/etc/certs/server-key.pem

ssl_ca=/etc/certs/client-cert.pem
ssl_cert=/etc/certs/server-cert.pem
ssl_key=/etc/certs/server-key.pem

Note: I used option names with both - and _ because I was not sure which scheme to use.
I also placed the certificates at the paths mentioned above. Here is the result of "show variables like '%ssl%';":

MariaDB [(none)]> show variables like '%ssl%';
+---------------------+----------------------------+
| Variable_name       | Value                      |
+---------------------+----------------------------+
| have_openssl        | YES                        |
| have_ssl            | YES                        |
| ssl_ca              | /etc/certs/client-cert.pem |
| ssl_capath          |                            |
| ssl_cert            | /etc/certs/server-cert.pem |
| ssl_cipher          |                            |
| ssl_crl             |                            |
| ssl_crlpath         |                            |
| ssl_key             | /etc/certs/server-key.pem  |
| version_ssl_library | OpenSSL 1.1.0g  2 Nov 2017 |
+---------------------+----------------------------+
10 rows in set (0.001 sec)

But this is what I get when I run the "status" command on the mysql command line:

MariaDB [(none)]> status
--------------
mysql  Ver 15.1 Distrib 10.3.9-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2

Connection id:          42
Current database:
Current user:           root@localhost
SSL:                    Not in use
Current pager:          stdout
Using outfile:          ''
Using delimiter:        ;
Server:                 MariaDB
Server version:         10.3.9-MariaDB-1:10.3.9+maria~bionic mariadb.org binary distribution
Protocol version:       10
Connection:             Localhost via UNIX socket
Server characterset:    latin1
Db     characterset:    latin1
Client characterset:    latin1
Conn.  characterset:    latin1
UNIX socket:            /var/run/mysqld/mysqld.sock
Uptime:                 5 min 52 sec

It says SSL is not in use. Now I am not sure whether SSL is enabled at all, or whether I am missing some flag. How can I tell whether it is enabled?
Here is the complete my.cnf file:

# MariaDB database server configuration file.
#
# You can copy this file to one of:
# - "/etc/mysql/my.cnf" to set global options,
# - "~/.my.cnf" to set user-specific options.
#
# One can use all long options that the program supports.
# Run program with --help to get a list of available options and with
# --print-defaults to see which it would actually understand and use.
#
# For explanations see
# http://dev.mysql.com/doc/mysql/en/server-system-variables.html

# This will be passed to all mysql clients
# It has been reported that passwords should be enclosed with ticks/quotes
# especially if they contain "#" chars...
# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
[client]
port            = 3306
socket          = /var/run/mysqld/mysqld.sock

# Here are entries for some specific programs
# The following values assume you have at least 32M ram

# This was formerly known as [safe_mysqld]. Both versions are currently parsed.
[mysqld_safe]
socket          = /var/run/mysqld/mysqld.sock
nice            = 0

[mysqld]
#
# * Basic Settings
#
# user           = mysql
pid-file        = /var/run/mysqld/mysqld.pid
socket          = /var/run/mysqld/mysqld.sock
port            = 3306
basedir         = /usr
datadir         = /var/lib/mysql
tmpdir          = /tmp
lc_messages_dir = /usr/share/mysql
lc_messages     = en_US
skip-external-locking
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
# bind-address           = 127.0.0.1
#
# * Fine Tuning
#
max_connections         = 100
connect_timeout         = 5
wait_timeout            = 600
max_allowed_packet      = 16M
thread_cache_size       = 128
sort_buffer_size        = 4M
bulk_insert_buffer_size = 16M
tmp_table_size          = 32M
max_heap_table_size     = 32M
#
# * MyISAM
#
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched. On error, make copy and try a repair.
myisam_recover_options = BACKUP
key_buffer_size         = 128M
# open-files-limit       = 2000
table_open_cache        = 400
myisam_sort_buffer_size = 512M
concurrent_insert       = 2
read_buffer_size        = 2M
read_rnd_buffer_size    = 1M
#
# * Query Cache Configuration
#
# Cache only tiny result sets, so we can fit more in the query cache.
query_cache_limit               = 128K
query_cache_size                = 64M
# for more write intensive setups, set to DEMAND or OFF
# query_cache_type               = DEMAND
#
# * Logging and Replication
#
# Both location gets rotated by the cronjob.
# Be aware that this log type is a performance killer.
# As of 5.1 you can enable the log at runtime!
# general_log_file        = /var/log/mysql/mysql.log
# general_log             = 1
#
# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf.
#
# we do want to know about network errors and such
# log_warnings           = 2
#
# Enable the slow query log to see queries with especially long duration
# slow_query_log[={0|1}]
slow_query_log_file     = /var/log/mysql/mariadb-slow.log
long_query_time = 10
# log_slow_rate_limit    = 1000
# log_slow_verbosity     = query_plan
# log-queries-not-using-indexes
# log_slow_admin_statements
#
# The following can be used as easy to replay backup logs or for replication.
# note: if you are setting up a replication slave, see README.Debian about
# other settings you may need to change.
# server-id              = 1
# report_host            = master1
# auto_increment_increment = 2
# auto_increment_offset  = 1
# log_bin                        = /var/log/mysql/mariadb-bin
# log_bin_index          = /var/log/mysql/mariadb-bin.index
# not fab for performance, but safer
# sync_binlog            = 1
expire_logs_days        = 10
max_binlog_size         = 100M
# slaves
# relay_log              = /var/log/mysql/relay-bin
# relay_log_index        = /var/log/mysql/relay-bin.index
# relay_log_info_file    = /var/log/mysql/relay-bin.info
# log_slave_updates
# read_only
#
# If applications support it, this stricter sql_mode prevents some
# mistakes like inserting invalid dates etc.
# sql_mode               = NO_ENGINE_SUBSTITUTION,TRADITIONAL
#
# * InnoDB
#
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
# Read the manual for more InnoDB related options. There are many!
default_storage_engine  = InnoDB
# you can't just change log file size, requires special procedure
# innodb_log_file_size   = 50M
innodb_buffer_pool_size = 256M
innodb_log_buffer_size  = 8M
innodb_file_per_table   = 1
innodb_open_files       = 400
innodb_io_capacity      = 400
innodb_flush_method     = O_DIRECT
#
# * Security Features
#
# Read the manual, too, if you want chroot!
# chroot = /var/lib/mysql/
#
# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
#
ssl-ca=/etc/certs/client-cert.pem
ssl-cert=/etc/certs/server-cert.pem
ssl-key=/etc/certs/server-key.pem

ssl_ca=/etc/certs/client-cert.pem
ssl_cert=/etc/certs/server-cert.pem
ssl_key=/etc/certs/server-key.pem
#
# * Galera-related settings
#
[galera]
# Mandatory settings
# wsrep_on=ON
# wsrep_provider=
# wsrep_cluster_address=
# binlog_format=row
# default_storage_engine=InnoDB
# innodb_autoinc_lock_mode=2
#
# Allow server to accept connections on all interfaces.
#
# bind-address=0.0.0.0
#
# Optional setting
# wsrep_slave_threads=1
# innodb_flush_log_at_trx_commit=0

[mysqldump]
quick
quote-names
max_allowed_packet      = 16M

[mysql]
# no-auto-rehash # faster start of mysql but no tab completion

[isamchk]
key_buffer              = 16M

#
# * IMPORTANT: Additional settings that can override those from this file!
# The files must end with '.cnf', otherwise they'll be ignored.
#
!include /etc/mysql/mariadb.cnf
!includedir /etc/mysql/conf.d/
rsl1atfo 1#

I cannot reproduce this problem:

$ mysql -u user -p
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 1
Server version: 10.3.9-MariaDB-1:10.3.9+maria~bionic-log mariadb.org binary distribution

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> \! ls -alF /path/to/MariaDB/ssl/
total 20
drwxr-xr-x 2 user user  140 Jan 01 00:01 ./
drwxr-xr-x 5 user user  240 Jan 01 00:01 ../
-r-----r-- 1 user user 1273 Jan 01 00:01 ca.pem
-r-----r-- 1 user user 1143 Jan 01 00:01 client-cert.pem
-r-----r-- 1 user user 1679 Jan 01 00:01 client-key.pem
-r-----r-- 1 user user 1147 Jan 01 00:01 server-cert.pem
-r-----r-- 1 user user 1679 Jan 01 00:01 server-key.pem

MariaDB [(none)]> \! cat /path/to/MariaDB/my.cnf
...
[client]
...

## MariaDB Client Configuration ##

ssl-ca=/path/to/MariaDB/ssl/ca.pem
ssl-cert=/path/to/MariaDB/ssl/client-cert.pem
ssl-key=/path/to/MariaDB/ssl/client-key.pem

### This option is disabled by default ###

ssl-verify-server-cert
...
...
[mysqld]
...

# 

# * Security Features

# 

ssl
ssl-ca=/path/to/MariaDB/ssl/ca.pem
ssl-cert=/path/to/MariaDB/ssl/server-cert.pem
ssl-key=/path/to/MariaDB/ssl/server-key.pem
ssl-cipher=TLSv1.2
...

MariaDB [(none)]> \s
--------------
mysql  Ver 15.1 Distrib 10.3.9-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2

Connection id:          1
Current database:       
Current user:           user@localhost
SSL:                    Cipher in use is ECDHE-RSA-AES256-GCM-SHA384
Current pager:          stdout
Using outfile:          ''
Using delimiter:        ;
Server:                 MariaDB
Server version:         10.3.9-MariaDB-1:10.3.9+maria~bionic-log mariadb.org binary distribution
Protocol version:       10
Connection:             Localhost via UNIX socket
Server characterset:    utf8
Db     characterset:    utf8
Client characterset:    utf8
Conn.  characterset:    utf8
UNIX socket:            /var/run/mysqld/mysqld.sock
Uptime:                 11 sec

Threads: 8  Questions: 61  Slow queries: 0  Opens: 32  Flush tables: 1  Open tables: 26  Queries per second avg: 5.545
--------------

MariaDB [(none)]> SHOW VARIABLES LIKE '%ssl%';
+---------------------+--------------------------------------+
| Variable_name       | Value                                |
+---------------------+--------------------------------------+
| have_openssl        | YES                                  |
| have_ssl            | YES                                  |
| ssl_ca              | /path/to/MariaDB/ssl/ca.pem          |
| ssl_capath          |                                      |
| ssl_cert            | /path/to/MariaDB/ssl/server-cert.pem |
| ssl_cipher          | TLSv1.2                              |
| ssl_crl             |                                      |
| ssl_crlpath         |                                      |
| ssl_key             | /path/to/MariaDB/ssl/server-key.pem  |
| version_ssl_library | OpenSSL 1.1.0g  2 Nov 2017           |
+---------------------+--------------------------------------+
10 rows in set (0.001 sec)
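The question's my.cnf sets every TLS option twice (once with `-`, once with `_`) and configures nothing under `[client]`, while the working setup in the answer also gives the client `ssl-ca`/`ssl-cert`/`ssl-key` and `ssl-verify-server-cert`. The following is an added example, not code from the thread: a small audit script that parses a MariaDB option file the way the server reads it (dash and underscore spellings are the same option, bare flags such as `ssl` are allowed, `!include` lines are directives) and reports the gaps that explain an `SSL: Not in use` status. The sample option file is constructed and modelled on the question.

```python
# Constructed my.cnf excerpt modelled on the question: mixed '-' and '_'
# spellings in [mysqld] and no TLS options at all in [client].
SAMPLE_CNF = """[client]
port = 3306
[mysqld]
ssl-ca=/etc/certs/client-cert.pem
ssl-cert=/etc/certs/server-cert.pem
ssl-key=/etc/certs/server-key.pem
ssl_ca=/etc/certs/client-cert.pem
!includedir /etc/mysql/conf.d/
"""

def normalize(name):
    # MariaDB treats '-' and '_' in option names as the same option, so
    # ssl-ca and ssl_ca are one setting and the later line wins.
    return name.strip().lower().replace("-", "_")

def parse_cnf(text):
    """Return ({section: {option: value}}, [options set more than once])."""
    sections, duplicates, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":  # skip comments and !include directives
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            continue
        key, _, value = line.partition("=")
        key, opts = normalize(key), sections.setdefault(current, {})
        if key in opts:
            duplicates.append(f"[{current}] {key}")
        opts[key] = value.strip() or True  # a bare flag such as 'ssl' becomes True
    return sections, duplicates

def audit_tls(text):
    """Return findings as strings; an empty list means nothing to flag."""
    cfg, duplicates = parse_cnf(text)
    server, client = cfg.get("mysqld", {}), cfg.get("client", {})
    findings = [f"{d} is set more than once; only the last value is used" for d in duplicates]
    for opt in ("ssl_ca", "ssl_cert", "ssl_key"):
        if opt not in server:
            findings.append(f"[mysqld] has no {opt}; the server cannot offer TLS")
    if not any(k.startswith("ssl") for k in client):
        findings.append("[client] has no ssl options; the client will not request TLS")
    elif "ssl_verify_server_cert" not in client:
        findings.append("[client] lacks ssl-verify-server-cert; the server certificate is not verified")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_tls(SAMPLE_CNF)))
```

Run it against the real file with `audit_tls(open("/etc/mysql/my.cnf").read())`; included files are not followed, so check those separately.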
