diff --git a/include/mysql.h b/include/mysql.h
index 78d79546..58961595 100644
--- a/include/mysql.h
+++ b/include/mysql.h
@@ -181,8 +181,18 @@ enum mysql_option
 MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
 MYSQL_PLUGIN_DIR,
 MYSQL_DEFAULT_AUTH,
- MYSQL_PROGRESS_CALLBACK,
- MYSQL_DATABASE_DRIVER=255
+ MYSQL_OPT_BIND,
+ MYSQL_OPT_SSL_KEY,
+ MYSQL_OPT_SSL_CERT,
+ MYSQL_OPT_SSL_CA,
+ MYSQL_OPT_SSL_CAPATH,
+ MYSQL_OPT_SSL_CIPHER,
+ MYSQL_OPT_SSL_CRL,
+ MYSQL_OPT_SSL_CRLPATH,
+
+ /* MariaDB specific */
+ MYSQL_PROGRESS_CALLBACK=5999,
+ MYSQL_DATABASE_DRIVER=7000
 };
 enum mysql_status {
 MYSQL_STATUS_READY,
@@ -277,6 +287,9 @@ typedef struct st_mysql {
 struct st_mysql_options_extention {
 char *plugin_dir;
 char *default_auth;
+ char *ssl_crl;
+ char *ssl_crlpath;
+ char *server_public_key_path;
 void (*report_progress)(const MYSQL *mysql,
 unsigned int stage,
 unsigned int max_stage,
diff --git a/libmariadb/libmariadb.c b/libmariadb/libmariadb.c
index 49d86334..7cc5d1b9 100644
--- a/libmariadb/libmariadb.c
+++ b/libmariadb/libmariadb.c
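Review bot: Renumbering the enum is an ABI change: `MYSQL_OPT_BIND` now occupies the integer value that `MYSQL_PROGRESS_CALLBACK` had in the old header, so a client compiled against the old header that calls `mysql_options(..., MYSQL_PROGRESS_CALLBACK, fn)` is dispatched as `MYSQL_OPT_BIND` by the new library, and the old value 255 of `MYSQL_DATABASE_DRIVER` no longer names any option. Whether mysql_options handles `MYSQL_OPT_BIND` at all is not visible in this diff, so it is unclear whether such a stale call fails with -1 or is misinterpreted as a bind address. If the move to 5999/7000 is deliberate, say so on the values so the next reader does not "fix" it, e.g. `/* MariaDB-only options; kept well clear of upstream numbering, do not renumber (clients must be rebuilt) */`.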
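Review bot: `server_public_key_path` is added to `st_mysql_options_extention` but nothing in this commit sets, reads or frees it — the mysql_close_options hunk below frees only `ssl_crl` and `ssl_crlpath` — so it is dead storage now and becomes a leak the moment something populates it. Either drop the field from this change or add the matching `my_free(mysql->options.extension->server_public_key_path, MYF(MY_ALLOW_ZERO_PTR));` in mysql_close_options together with an ownership comment on the field, e.g. `char *server_public_key_path; /* owned; released by mysql_close_options */`. Inserting fields ahead of `report_progress` also shifts that member in a struct exposed by the public header; if anything outside the library allocates or indexes this struct, that is a second ABI break worth noting in the commit message.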
@@ -2035,18 +2035,18 @@ static void mysql_close_options(MYSQL *mysql)
 my_free(mysql->options.my_cnf_group,MYF(MY_ALLOW_ZERO_PTR));
 my_free(mysql->options.charset_dir,MYF(MY_ALLOW_ZERO_PTR));
 my_free(mysql->options.charset_name,MYF(MY_ALLOW_ZERO_PTR));
-#ifdef HAVE_OPENSSL
 my_free(mysql->options.ssl_key, MYF(MY_ALLOW_ZERO_PTR));
 my_free(mysql->options.ssl_cert, MYF(MY_ALLOW_ZERO_PTR));
 my_free(mysql->options.ssl_ca, MYF(MY_ALLOW_ZERO_PTR));
 my_free(mysql->options.ssl_capath, MYF(MY_ALLOW_ZERO_PTR));
 my_free(mysql->options.ssl_cipher, MYF(MY_ALLOW_ZERO_PTR));
-#endif /* HAVE_OPENSSL */
 if (mysql->options.extension)
 {
 my_free(mysql->options.extension->plugin_dir, MYF(MY_ALLOW_ZERO_PTR));
 my_free(mysql->options.extension->default_auth, MYF(MY_ALLOW_ZERO_PTR));
 my_free((gptr)mysql->options.extension->db_driver, MYF(MY_ALLOW_ZERO_PTR));
+ my_free(mysql->options.extension->ssl_crl, MYF(MY_ALLOW_ZERO_PTR));
+ my_free(mysql->options.extension->ssl_crlpath, MYF(MY_ALLOW_ZERO_PTR));
 }
 my_free((gptr)mysql->options.extension, MYF(MY_ALLOW_ZERO_PTR));
 /* clear all pointer */
@@ -2771,6 +2771,32 @@ mysql_options(MYSQL *mysql,enum mysql_option option, const void *arg)
 else
 mysql->options.client_flag &= ~CLIENT_SSL_VERIFY_SERVER_CERT;
 break;
+ case MYSQL_OPT_SSL_KEY:
+ my_free(mysql->options.ssl_key, MYF(MY_ALLOW_ZERO_PTR));
+ mysql->options.ssl_key=my_strdup(arg,MYF(MY_WME));
+ break;
+ case MYSQL_OPT_SSL_CERT:
+ my_free(mysql->options.ssl_cert, MYF(MY_ALLOW_ZERO_PTR));
+ mysql->options.ssl_cert=my_strdup(arg,MYF(MY_WME));
+ break;
+ case MYSQL_OPT_SSL_CA:
+ my_free(mysql->options.ssl_ca, MYF(MY_ALLOW_ZERO_PTR));
+ mysql->options.ssl_ca=my_strdup(arg,MYF(MY_WME));
+ break;
+ case MYSQL_OPT_SSL_CAPATH:
+ my_free(mysql->options.ssl_capath, MYF(MY_ALLOW_ZERO_PTR));
+ mysql->options.ssl_capath=my_strdup(arg,MYF(MY_WME));
+ break;
+ case MYSQL_OPT_SSL_CIPHER:
+ my_free(mysql->options.ssl_cipher, MYF(MY_ALLOW_ZERO_PTR));
+ mysql->options.ssl_cipher=my_strdup(arg,MYF(MY_WME));
+ break;
+ case MYSQL_OPT_SSL_CRL:
+ OPT_SET_EXTENDED_VALUE(&mysql->options, ssl_crl, (char *)arg, 1);
+ break;
+ case MYSQL_OPT_SSL_CRLPATH:
+ OPT_SET_EXTENDED_VALUE(&mysql->options, ssl_crlpath, (char *)arg, 1);
+ break;
 default:
 DBUG_RETURN(-1);
 }
diff --git a/libmariadb/ma_secure.c b/libmariadb/ma_secure.c
index 42a90190..23da4ea3 100644
--- a/libmariadb/ma_secure.c
+++ b/libmariadb/ma_secure.c
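Review bot: The five new `MYSQL_OPT_SSL_*` cases hand `arg` straight to `my_strdup`, so a NULL argument — the natural way for a caller to clear a certificate path again — is not handled: if `my_strdup` does not accept NULL this is a crash, and in every case a failed copy leaves the field NULL while mysql_options still reports success, which for `ssl_ca`/`ssl_capath` silently weakens the verification the caller asked for. The same free-then-strdup pair is repeated five times; a small static helper gives one place for both checks and lets each case fail with `DBUG_RETURN(-1)` like the `default:` branch does. The two CRL cases go through `OPT_SET_EXTENDED_VALUE` instead, so allocation failure is presumably reported differently there; worth aligning, and mysql_options continues outside the hunk on both sides.
```c
/* Replace *dst with a private copy of arg; NULL clears it. Returns -1 if the copy fails. */
static int set_ssl_string(char **dst, const void *arg)
{
  my_free(*dst, MYF(MY_ALLOW_ZERO_PTR));
  *dst= NULL;
  if (arg && !(*dst= my_strdup(arg, MYF(MY_WME))))
    return -1;
  return 0;
}

/* … unchanged: earlier cases of mysql_options() … */
    case MYSQL_OPT_SSL_KEY:
      if (set_ssl_string(&mysql->options.ssl_key, arg))
        DBUG_RETURN(-1);
      break;
    /* … same shape for MYSQL_OPT_SSL_CERT, _CA, _CAPATH, _CIPHER … */
```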
@@ -242,32 +242,20 @@ static int my_ssl_set_certs(SSL *ssl) if (SSL_CTX_set_default_verify_paths(SSL_context) == 0) goto error; } -#ifdef CRL_IMPLEMENTED - if (mysql->options.ssl_crl || mysql->options.ssl_crlpath) + if (mysql->options.extension && + (mysql->options.extension->ssl_crl || mysql->options.extension->ssl_crlpath)) { X509_STORE *certstore; if ((certstore= SSL_CTX_get_cert_store(SSL_context))) { if (X509_STORE_load_locations(certstore, mysql->options.ssl_ca, - mysql->options.ssl_capath) == 0) - { - my_set_error(mysql, CR_SSL_CONNECTION_ERROR, SQLSTATE_UNKNOWN, - ER(CR_SSL_CONNECTION_ERROR), - "Loading certificate failed"); - DBUG_RETURN(1); - } - if (X509_STORE_set_flags(certstore, X509_V_FLAG_CRL_CHECK | + mysql->options.ssl_capath) == 0 || + X509_STORE_set_flags(certstore, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL) == 0) - { - my_set_error(mysql, CR_SSL_CONNECTION_ERROR, SQLSTATE_UNKNOWN, - ER(CR_SSL_CONNECTION_ERROR), - "X509_STORE_set_flags failed"); - DBUG_RETURN(1); - } + goto error; } } -#endif DBUG_RETURN(0);