cURL / Mailing Lists / curl-library / Single Mail

curl-library

SSL cert error

From: Gisle Vanem <gvanem_at_broadpark.no>
Date: Sat, 12 Jun 2004 15:12:30 +0200

Why should a difference in case of a host/domain-name be a fatal error:

* SSL: certificate subject name '*.Fortify.net' does not match target host
name 'www.fortify.net'
* Closing connection #0

(curl -v https://www.fortify.net/cgi-bin/ssl_2)

Would it hurt if in cert_hostcheck(), we make some uppercase copies
before returning 0?

Should IMHO be allowed even with ssl.verifyhost > 1. At least this command
doesn't complain:
echo GET /cgi-bin/ssl_2 | openssl s_client -connect www.fortify.net:443

--gv
Received on 2004-06-12

This message: [ Message body ]
Next message: Alexander Krasnostavsky: ""--disable-http" option."
Previous message: Daniel Campos: "About FTP authentication"
Next in thread: Daniel Stenberg: "Re: SSL cert error"
Reply: Daniel Stenberg: "Re: SSL cert error"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]