diff -urN freeradius-1.0.2.orig/src/modules/rlm_sql/conf.h freeradius-1.0.2/src/modules/rlm_sql/conf.h
--- freeradius-1.0.2.orig/src/modules/rlm_sql/conf.h	2004-04-28 23:55:16.000000000 +0200
+++ freeradius-1.0.2/src/modules/rlm_sql/conf.h	2005-03-19 03:44:39.000000000 +0100
@@ -14,6 +14,12 @@
 	char   *sql_port;
 	char   *sql_login;
 	char   *sql_password;
+	int     sql_ssl_enable;
+	char   *sql_ssl_key;
+	char   *sql_ssl_cert;
+	char   *sql_ssl_ca;
+	char   *sql_ssl_capath;
+	char   *sql_ssl_cipher;
 	char   *sql_db;
 	char   *sql_acct_table;
 	char   *sql_acct_table2;
diff -urN freeradius-1.0.2.orig/src/modules/rlm_sql/drivers/rlm_sql_mysql/sql_mysql.c freeradius-1.0.2/src/modules/rlm_sql/drivers/rlm_sql_mysql/sql_mysql.c
--- freeradius-1.0.2.orig/src/modules/rlm_sql/drivers/rlm_sql_mysql/sql_mysql.c	2004-01-22 19:23:20.000000000 +0100
+++ freeradius-1.0.2/src/modules/rlm_sql/drivers/rlm_sql_mysql/sql_mysql.c	2005-03-19 03:47:17.000000000 +0100
@@ -74,6 +74,13 @@
 			sqlsocket->id);
 
 	mysql_init(&(mysql_sock->conn));
+	
+	/* SSL support */
+	if (config->sql_ssl_enable) {
+		radlog(L_INFO, "rlm_sql_mysql: Enabling SSL for #%d", sqlsocket->id);
+		mysql_ssl_set(&(mysql_sock->conn), config->sql_ssl_key, config->sql_ssl_cert, config->sql_ssl_ca, config->sql_ssl_capath, config->sql_ssl_cipher);
+	}
+
 	if (!(mysql_sock->sock = mysql_real_connect(&(mysql_sock->conn),
 						    config->sql_server,
 						    config->sql_login,
diff -urN freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c freeradius-1.0.2/src/modules/rlm_sql/rlm_sql.c
--- freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c	2004-09-30 16:54:22.000000000 +0200
+++ freeradius-1.0.2/src/modules/rlm_sql/rlm_sql.c	2005-03-19 03:44:16.000000000 +0100
@@ -61,6 +61,18 @@
 	 offsetof(SQL_CONFIG,sql_login), NULL, ""},
 	{"password", PW_TYPE_STRING_PTR,
 	 offsetof(SQL_CONFIG,sql_password), NULL, ""},
+	{"ssl_enable",PW_TYPE_BOOLEAN,
+	 offsetof(SQL_CONFIG,sql_ssl_enable), NULL, "no"},
+	{"ssl_key",PW_TYPE_STRING_PTR,
+	 offsetof(SQL_CONFIG,sql_ssl_key), NULL, "/etc/ssl/private/radiusd-mysql.pem"},
+	{"ssl_cert",PW_TYPE_STRING_PTR,
+	 offsetof(SQL_CONFIG,sql_ssl_cert), NULL, "/etc/ssl/private/radiusd-mysql.pem"},
+	{"ssl_ca",PW_TYPE_STRING_PTR,
+	 offsetof(SQL_CONFIG,sql_ssl_ca), NULL, NULL},
+	{"ssl_capath",PW_TYPE_STRING_PTR,
+	 offsetof(SQL_CONFIG,sql_ssl_capath), NULL, "/etc/ssl/certs"},
+	{"ssl_cipher",PW_TYPE_STRING_PTR,
+	 offsetof(SQL_CONFIG,sql_ssl_cipher), NULL, NULL},
 	{"radius_db", PW_TYPE_STRING_PTR,
 	 offsetof(SQL_CONFIG,sql_db), NULL, "radius"},
 	{"acct_table", PW_TYPE_STRING_PTR,