Why do you try the SSH option in MySQL Workbench if the connection from the commandline clearly does not use SSH? Remove that from the connection settings.
Instead set up a normal TCP/IP connection, set the MySQL host to your endpoint. Switch to the SSL settings page and activate SSL + set your cert file location as you did on the commandline.
Additional informations:
SSH is for the communication of MySQL Workbench with the remote system (file access, server control etc., see also http://en.wikipedia.org/wiki/Secure_Shell). An SSH connection is not needed if you only want to do MySQL work (running queries). It requires on the end point a running SSH server to create the tunnel. You need to create an SSH connection if you want to manage the server (edit the config file, control the server process and such) or if the server is not directly reachable (e.g. is behind a firewall which doesn't allow communication to the MySQL port, for security reasons). For Windows there's an additional solution for local networks by using WMI.
SSL is an encryption for the communication between the MySQL client and server (http://en.wikipedia.org/wiki/Transport_Layer_Security). It's part of the protocol that MySQL uses for communication and works completely independant of MySQL Workbench or any SSH tunnel.