I'm using libcurl to connect to a site x.y.foo.net that has a wildcard certificate for *.foo.net.

On a Win8.1 PC with libcurl identifying itself as version "7.45.0", ssl_version "OpenSSL/1.0.1p" I see
curl: Info: Server certificate:
curl: Info: subject: OU=Domain Control Validated; CN=*.foo.net
curl: Info: subjectAltName does not match x.y.foo.net
curl: Info: SSL: no alternative certificate subject name matches target host name 'x.y.foo.net'

Ok, that's about what I'd expect. * should only match a single hostname/domain-name component.

On a 10.11 Mac with version "7.43.0", ssl_version "SecureTransport" it just quietly, successfully connects. Since this is my primary environment, I didn't even realize there was a certificate problem.

From what I can tell, I don't see any bugs reported on this. Should there be? And do the other vtls adapters need checking too?

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-users
FAQ: https://curl.haxx.se/docs/faq.html
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-05-11