This is possible in current releases by using the -verify_hostname flag.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List
On 27/06/11 11:54, Peter Sylvester via RT wrote:
On 06/26/2011 08:05 PM, Peter Sylvester wrote:
On 06/26/2011 02:59 PM, Alain Knaff via RT wrote:
Hello,
openssl s_client -connect hostname.domain.com:443 does not verify that
the certificate matches the hostname. (i.e. hostname.domain.com
On 27/06/11 11:54, Peter Sylvester via RT wrote:
On 06/26/2011 08:05 PM, Peter Sylvester wrote:
On 06/26/2011 02:59 PM, Alain Knaff via RT wrote:
Hello,
openssl s_client -connect hostname.domain.com:443 does not verify that
the certificate matches the hostname. (i.e. hostname.domain.com
On 06/26/2011 08:05 PM, Peter Sylvester wrote:
On 06/26/2011 02:59 PM, Alain Knaff via RT wrote:
Hello,
openssl s_client -connect hostname.domain.com:443 does not verify that
the certificate matches the hostname. (i.e. hostname.domain.com should
match either the CN of subject, or in one of the
On 06/26/2011 08:05 PM, Peter Sylvester wrote:
On 06/26/2011 02:59 PM, Alain Knaff via RT wrote:
Hello,
openssl s_client -connect hostname.domain.com:443 does not verify that
the certificate matches the hostname. (i.e. hostname.domain.com should
match either the CN of subject, or in one of
Hello,
openssl s_client -connect hostname.domain.com:443 does not verify that
the certificate matches the hostname. (i.e. hostname.domain.com should
match either the CN of subject, or in one of the subjectAltNames)
Without such verification any web site owner who has a certificate can
mount a
On 6/26/2011 5:59 AM, Alain Knaff via RT wrote:
openssl s_client -connect hostname.domain.com:443 does not verify that
the certificate matches the hostname. (i.e. hostname.domain.com should
match either the CN of subject, or in one of the subjectAltNames)
Without such verification any web
On 06/26/2011 02:59 PM, Alain Knaff via RT wrote:
Hello,
openssl s_client -connect hostname.domain.com:443 does not verify that
the certificate matches the hostname. (i.e. hostname.domain.com should
match either the CN of subject, or in one of the subjectAltNames)
Without such verification any