MySQL supports multiple encryption ciphers. Ciphers can vary in strength, speed and overhead. Rationale: Requiring clients attempting to connect to MySQL to use strong ciphers protects data in transit. Impact: Connections attempting to use an unsupported cipher will fail.
Solution
Set ssl_cipher in the my.cnf to an approved cipher suite: ssl_cipher='ECDHE-ECDSA-AES128-GCM-SHA256'