Information
MySQL Group communication connections and distributed recovery connections can be secured using SSL.
Rationale:
SSL encryption ensures data cannot be seen over the network for Group Replication.
Solution
Edit my.cnf and set group_replication_ssl_mode, for example:
group_replication_ssl_mode=REQUIRED
Acceptable values are:
REQUIRED - Establish a secure connection if the server supports secure connections.
VERIFY_CA - Like REQUIRED, but additionally verify the server TLS certificate against the configured Certificate Authority (CA) certificates.
VERIFY_IDENTITY - Like VERIFY_CA, but additionally verify that the server certificate matches the host to which the connection is being established.