diff --git a/mysql-test/main/require_secure_transport.result b/mysql-test/main/require_secure_transport.result
index c9df2f90b45..94474d0fa0e 100644
--- a/mysql-test/main/require_secure_transport.result
+++ b/mysql-test/main/require_secure_transport.result
@@ -1,6 +1,6 @@
 CREATE TABLE t1 (t int(1));
 SET GLOBAL require_secure_transport=ON;
-ERROR 28000: Access denied for user 'root'@'localhost' (using password: NO)
+ERROR HY000: Connections using insecure transport are prohibited while --require_secure_transport=ON.
 connection default;
 SET GLOBAL require_secure_transport=OFF;
 disconnect without_ssl;
diff --git a/mysql-test/main/require_secure_transport.test b/mysql-test/main/require_secure_transport.test
index ce62e7d5492..e238e732423 100644
--- a/mysql-test/main/require_secure_transport.test
+++ b/mysql-test/main/require_secure_transport.test
@@ -2,7 +2,7 @@ CREATE TABLE t1 (t int(1));
 SET GLOBAL require_secure_transport=ON;
 --disable_query_log
---error ER_ACCESS_DENIED_ERROR
+--error ER_SECURE_TRANSPORT_REQUIRED
 connect without_ssl,localhost,root,,,,,TCP NOSSL;
 --enable_query_log
 connection default;
diff --git a/sql/share/errmsg-utf8.txt b/sql/share/errmsg-utf8.txt
index 8222755c415..2d025f8b80e 100644
--- a/sql/share/errmsg-utf8.txt
+++ b/sql/share/errmsg-utf8.txt
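Review bot: The test still only pins the rejection path (`connect without_ssl,...,TCP NOSSL` failing with ER_SECURE_TRANSPORT_REQUIRED); nothing asserts that a client which negotiates TLS, or one arriving over the unix socket, is still admitted while require_secure_transport=ON, and those are exactly the cases the relocated check in check_connection() is most likely to get wrong. Inside the same --disable_query_log section add `connect with_ssl,localhost,root,,,,,SSL;` plus a second connect without the TCP option (which should use the socket on Unix builds), each followed by a `disconnect`, so that the positive behaviour is recorded in the .result alongside the negative one.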
@@ -11001,6 +11001,304 @@ ER_ALTER_OPERATION_NOT_SUPPORTED_REASON_GIS eng "Do not support online operation on table with GIS index" spa "No soporta operación en línea en tabla con índice GIS" sw "Haiwezi kufanya operesheni ya mtandaoni kwenye jedwali na faharisi ya GIS" + +ER_MYSQL_3061 + eng "" + +ER_MYSQL_3062 + eng "" + +ER_MYSQL_3063 + eng "" + +ER_MYSQL_3064 + eng "" + +ER_MYSQL_3065 + eng "" + +ER_MYSQL_3066 + eng "" + +ER_MYSQL_3067 + eng "" + +ER_MYSQL_3068 + eng "" + +ER_MYSQL_3069 + eng "" + +ER_MYSQL_3070 + eng "" + +ER_MYSQL_3071 + eng "" + +ER_MYSQL_3072 + eng "" + +ER_MYSQL_3073 + eng "" + +ER_MYSQL_3074 + eng "" + +ER_MYSQL_3075 + eng "" + +ER_MYSQL_3076 + eng "" + +ER_MYSQL_3077 + eng "" + +ER_MYSQL_3078 + eng "" + +ER_MYSQL_3079 + eng "" + +ER_MYSQL_3080 + eng "" + +ER_MYSQL_3081 + eng "" + +ER_MYSQL_3082 + eng "" + +ER_MYSQL_3083 + eng "" + +ER_MYSQL_3084 + eng "" + +ER_MYSQL_3085 + eng "" + +ER_MYSQL_3086 + eng "" + +ER_MYSQL_3087 + eng "" + +ER_MYSQL_3088 + eng "" + +ER_MYSQL_3089 + eng "" + +ER_MYSQL_3090 + eng "" + +ER_MYSQL_3091 + eng "" + +ER_MYSQL_3092 + eng "" + +ER_MYSQL_3093 + eng "" + +ER_MYSQL_3094 + eng "" + +ER_MYSQL_3095 + eng "" + +ER_MYSQL_3096 + eng "" + +ER_MYSQL_3097 + eng "" + +ER_MYSQL_3098 + eng "" + +ER_MYSQL_3099 + eng "" + +ER_MYSQL_3100 + eng "" + +ER_MYSQL_3101 + eng "" + +ER_MYSQL_3102 + eng "" + +ER_MYSQL_3103 + eng "" + +ER_MYSQL_3104 + eng "" + +ER_MYSQL_3105 + eng "" + +ER_MYSQL_3106 + eng "" + +ER_MYSQL_3107 + eng "" + +ER_MYSQL_3108 + eng "" + +ER_MYSQL_3109 + eng "" + +ER_MYSQL_3110 + eng "" + +ER_MYSQL_3111 + eng "" + +ER_MYSQL_3112 + eng "" + +ER_MYSQL_3113 + eng "" + +ER_MYSQL_3114 + eng "" + +ER_MYSQL_3115 + eng "" + +ER_MYSQL_3116 + eng "" + +ER_MYSQL_3117 + eng "" + +ER_MYSQL_3118 + eng "" + +ER_MYSQL_3119 + eng "" + +ER_MYSQL_3120 + eng "" + +ER_MYSQL_3121 + eng "" + +ER_MYSQL_3122 + eng "" + +ER_MYSQL_3123 + eng "" + +ER_MYSQL_3124 + eng "" + +ER_MYSQL_3125 + eng "" + +ER_MYSQL_3126 + eng "" + 
+ER_MYSQL_3127 + eng "" + +ER_MYSQL_3128 + eng "" + +ER_MYSQL_3129 + eng "" + +ER_MYSQL_3130 + eng "" + +ER_MYSQL_3131 + eng "" + +ER_MYSQL_3132 + eng "" + +ER_MYSQL_3133 + eng "" + +ER_MYSQL_3134 + eng "" + +ER_MYSQL_3135 + eng "" + +ER_MYSQL_3136 + eng "" + +ER_MYSQL_3137 + eng "" + +ER_MYSQL_3138 + eng "" + +ER_MYSQL_3139 + eng "" + +ER_MYSQL_3140 + eng "" + +ER_MYSQL_3141 + eng "" + +ER_MYSQL_3142 + eng "" + +ER_MYSQL_3143 + eng "" + +ER_MYSQL_3144 + eng "" + +ER_MYSQL_3145 + eng "" + +ER_MYSQL_3146 + eng "" + +ER_MYSQL_3147 + eng "" + +ER_MYSQL_3148 + eng "" + +ER_MYSQL_3149 + eng "" + +ER_MYSQL_3150 + eng "" + +ER_MYSQL_3151 + eng "" + +ER_MYSQL_3152 + eng "" + +ER_MYSQL_3153 + eng "" + +ER_MYSQL_3154 + eng "" + +ER_MYSQL_3155 + eng "" + +ER_MYSQL_3156 + eng "" + +ER_MYSQL_3157 + eng "" + +ER_MYSQL_3158 + eng "" + +ER_SECURE_TRANSPORT_REQUIRED 08004 + eng "Connections using insecure transport are prohibited while --require_secure_transport=ON." + # MariaDB extra error numbers starts from 4000 skip-to-error-number 4000 diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index d2ca8717f40..00ced9fcede 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -14170,8 +14170,8 @@ static void server_mpvio_info(MYSQL_PLUGIN_VIO *vio, static bool acl_check_ssl(THD *thd, const ACL_USER *acl_user) { - Vio *vio= thd->net.vio; #ifdef HAVE_OPENSSL + Vio *vio= thd->net.vio; SSL *ssl= (SSL *) vio->ssl_arg; X509 *cert; #endif 
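Review bot: The new ER_SECURE_TRANSPORT_REQUIRED entry declares SQLSTATE 08004, yet the .result hunk earlier in this diff expects `ERROR HY000:` for the very same error, so either the state is not propagated on this pre-handshake path or the recorded result is wrong; the two should be reconciled before this is merged. The 98 ER_MYSQL_3061..ER_MYSQL_3158 entries with an empty `eng ""` text also need a one-line explanation, because an empty message is what a client would see if any of those numbers were ever raised; a comment line above ER_MYSQL_3061 such as `# Unused placeholders that keep the following error numbers aligned with MySQL; never raise these` would document what is presumably their only purpose.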
@@ -14183,26 +14183,8 @@ static bool acl_check_ssl(THD *thd, const ACL_USER *acl_user) if X509 certificate attributes are OK */ switch (acl_user->ssl_type) { - case SSL_TYPE_NOT_SPECIFIED: // Impossible - case SSL_TYPE_NONE: // SSL is not required - if (opt_require_secure_transport) - { - enum enum_vio_type type= vio_type(vio); -#ifdef HAVE_OPENSSL - return type != VIO_TYPE_SSL && -#ifndef _WIN32 - type != VIO_TYPE_SOCKET; -#else - type != VIO_TYPE_NAMEDPIPE; -#endif -#else -#ifndef _WIN32 - return type != VIO_TYPE_SOCKET; -#else - return type != VIO_TYPE_NAMEDPIPE; -#endif -#endif - } + case SSL_TYPE_NOT_SPECIFIED: // Impossible + case SSL_TYPE_NONE: // SSL is not required FOR THIS SPECIFIC USER return 0; #ifdef HAVE_OPENSSL case SSL_TYPE_ANY: // Any kind of SSL is ok diff --git a/sql/sql_connect.cc b/sql/sql_connect.cc index 8710067d85d..c985c305fab 100644 --- a/sql/sql_connect.cc +++ b/sql/sql_connect.cc @@ -829,6 +829,21 @@ bool init_new_connection_handler_thread() return 0; } +static bool check_require_secured_transport(THD *thd) +{ + Vio *vio= thd->net.vio; + if (opt_require_secure_transport) + { + enum enum_vio_type type= vio_type(vio); + + return + (type != VIO_TYPE_SSL) && + (type != VIO_TYPE_NAMEDPIPE) && + (type != VIO_TYPE_SOCKET); + } + return 0; +} + /** Set client address during authentication. @@ -1081,6 +1096,17 @@ static int check_connection(THD *thd) return 1; /* The error is set by alloc(). */ } + if(check_require_secured_transport(thd)) + { + Host_errors errors; + errors.m_ssl= 1; + inc_host_errors(thd->main_security_ctx.ip, &errors); + status_var_increment(thd->status_var.access_denied_errors); + my_error(ER_SECURE_TRANSPORT_REQUIRED, MYF(0)); + + return 1; + } + auth_rc= acl_authenticate(thd, 0); if (auth_rc == 0 && connect_errors != 0) {
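Review bot: The rewritten comment on `case SSL_TYPE_NONE:`, `// SSL is not required FOR THIS SPECIFIC USER`, shouts in capitals and gives the reader no pointer to where the server-wide transport requirement that used to live here is now enforced. `// SSL not required for this user; --require_secure_transport is enforced in check_connection()` says the same thing in the file's usual register and saves the next maintainer a search. acl_check_ssl() begins and ends outside this hunk.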
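Review bot: The new helper check_require_secured_transport() carries no comment, while the neighbouring functions in this file use `/** ... */` blocks; a header along the lines of "Returns true when --require_secure_transport=ON and the transport reported by vio_type() at the moment of the call is neither TLS, a unix socket nor a named pipe; the caller must then refuse the connection" would also make the time-of-call dependency explicit, which matters because vio_type() changes once TLS is negotiated. The name mixes "secured" with the option's "secure"; `check_require_secure_transport` keeps it greppable against the option name. In a function declared `bool`, `return 0;` reads better as `return false;`, matching the `return` expression above it.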
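Review bot: The new check is placed before `acl_authenticate(thd, 0)`, i.e. before the server has sent its greeting, and as far as I can tell the upgrade to TLS (sslaccept() on the client's handshake reply) happens inside acl_authenticate(); at this point vio_type() should therefore report VIO_TYPE_TCPIP for every TCP client, including one about to negotiate TLS, so with require_secure_transport=ON all TCP connections would be refused rather than only plaintext ones. The check removed from acl_check_ssl() in the previous file ran after that negotiation, which is why it could observe VIO_TYPE_SSL. Unless TLS clients are meant to be blocked too (the error text says otherwise), the check needs to move to a point after the client handshake packet has been parsed, and the test should gain a TLS connect either way to settle the question. Separately, `if(check_require_secured_transport(thd))` lacks the space this file puts after `if`. check_connection() begins outside this hunk.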