MySQL raises error 3160 when require_secure_transport is set to ON but neither SSL nor shared memory transport is available.
ER_NO_SECURE_TRANSPORTS_CONFIGURED (MySQL error 3160) appears when require_secure_transport is enabled on a server without SSL keys or shared memory. Install valid SSL certificates or enable shared_memory, then restart MySQL, to clear the error.
ER_NO_SECURE_TRANSPORTS_CONFIGURED
MySQL error 3160 signals that the global require_secure_transport variable was set to ON, but the server is not listening on any secure transport. Secure transports in MySQL are SSL/TLS connections or Windows shared memory.
When require_secure_transport is ON, every client must connect either through SSL or shared memory. If neither option is available the server refuses to start, and the error appears during startup or when you attempt to turn the variable on dynamically.
The error stems from a mismatch between server configuration and security requirements. MySQL checks for at least one secure transport before allowing require_secure_transport to be enabled.
Typical triggers include missing or unreadable SSL certificate files, skip_ssl compilation, using a non-Windows build without shared memory, or forgetting to grant the SHARED_MEMORY privilege on Windows.
The fix is to configure at least one secure transport and then enable the variable. In production environments, configuring SSL is the preferred approach because it works cross-platform and over networks.
Alternatively, on Windows you can enable shared_memory connections by setting shared_memory to ON and allowing clients to connect through the MySQL shared memory protocol.
On Linux servers lacking SSL keys, generate a self-signed certificate with the mysql_ssl_rsa_setup utility, add the key and certificate paths to my.cnf, restart, and then set require_secure_transport=ON.
On managed cloud services, use the cloud provider's SSL auto-management feature, confirm have_ssl=YES, and then toggle the variable.
Ship servers with SSL correctly configured in configuration management. Add a startup test that checks SHOW VARIABLES LIKE "have_ssl" and shared_memory before toggling require_secure_transport.
Store certificates in secure directories, rotate them automatically, and monitor log files for SSL-related warnings that could disable the transport.
ER_SSL_CONNECTION_ERROR occurs when SSL negotiation fails even though SSL is enabled. ER_SHARED_MEMORY_CONNECT_ABANDONED occurs when a client drops during shared memory negotiation. Both errors are resolved by validating certificates or shared memory settings.
my.cnf points to key files that do not exist or are unreadable so MySQL disables SSL at startup.
The server was compiled without OpenSSL or SSL support was disabled with the skip_ssl option.
On Windows shared_memory is OFF so no secure local transport is present.
Filesystem permissions prevent mysqld from reading the certificates, resulting in SSL not being available.
Connection attempt fails during SSL negotiation because of certificate mismatch.
Primary key creation fails when a column is NOT NULL but a default value is missing.
Server and client share no common cipher when attempting SSL connection.
Yes, but only on Windows by enabling shared_memory transport. Otherwise at least one SSL transport is mandatory.
Restart alone will not help unless you fix the underlying SSL or shared memory configuration first.
Run SHOW STATUS LIKE "Ssl_cipher" from a client connection. A non-empty value confirms SSL is in use.
Galaxy highlights connection errors instantly in the editor output and lets you share the fixed configuration snippet with your team to prevent recurring issues.
.avif)
.avif){kind=logo}
