> From: Chethan Kumar [mailto:Chethan.Kumar@xxxxxxxxxxxxxxxx] > Sent: Tuesday, May 21, 2019 03:53 > > I researched more and found that tlsext_hostname member variable in SSL > structure can be used to to get host name. That's the SNI hostname, which is set by the client to the hostname (or possibly some other string identifier, such as the text representation of an IP address) that it thinks it wants to connect to. It's used by the server to determine what certificate to send to the client. It's not a reliable indicator of the server's hostname, and has nothing to do with the client's hostname. > If applications set this using SSL_set_tlsext_host_name(), is it correct to > print hostname/IP in tlsext_hostname. "correct" in what sense? "print" where? Forget OpenSSL APIs and details of OpenSSL data structures. What problem are you trying to solve? > Can I use this one to set hostname/Ip address.? Maybe. You haven't explained what you're trying to do. > Can applications acting as both server and client set this? It's set by a client. It doesn't matter what else that client is doing. -- Michael Wojcik Distinguished Engineer, Micro Focus
