Hostname validation

From OpenSSLWiki
Revision as of 18:50, 3 March 2013 by Ppelleti (talk | contribs) (minimal explanation of the hostname validation problem, with some links)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

One very common mistake made by users of OpenSSL is to assume that OpenSSL will validate the hostname in the server's certificate. Currently, it does not, although a future version (1.1.0?) will include this functionality.

Here is some sample code which shows how validating the hostname can be done. However, it does not handle wildcard certificates, so borrowing some code from cURL might be one way to go.

Retrieved from "https://wiki.openssl.org/index.php?title=Hostname_validation&oldid=92"