Hello, I am looking for confirmation regarding the hostname validation implementation in OpenSSL 1.1.0. Is the example code at https://wiki.openssl.org/index.php/Hostname_validation the correct way to do hostname validation with both 1.1.0 and 1.0.2? Specifically, in order for OpenSSL 1.1.0 to automatically perform hostname checks, does the calling application need to use both X509_VERIFY_PARAM_set1_host (with the expected DNS hostname) and SSL_set_verify (with SSL_VERIFY_PEER) as is the case for OpenSSL 1.0.2? Thank you. Alain Alain Hajjar mobile +1 240 330 3754 direct +1 443 884 6687 CyberPoint International 621 East Pratt Street, Suite 400 Baltimore MD 21202-3196 phone +1 410 779 6700 If you believe you received this e-mail in error, please notify the sender immediately, delete the e-mail from your computer and do not copy or disclose it to anyone else. The information in this email constitutes the proprietary information of Cyber Point International, LLC, and should be accessed only by the individual to whom it is addressed. The information in this email and any attachments may not be used, copied or disclosed without the consent of CyberPoint. CyberPoint is not responsible for any damages caused by your unauthorized use of the materials in this email. |
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
