cURL / Mailing Lists / curl-library / Single Mail


How do I customise SSL hostname validation

From: Peter Andrews <>
Date: Wed, 29 Jan 2014 09:09:16 +0000


Is it possible to override the hostname validation for SSL certificates? I
have 2 servers with the same hostname (Primary & Standby) but different IP
Addresses. My application needs to poll a test page on both servers to
check their status, To do this I have to specify the IP address instead
of the hostname in the URL.
  curl_easy_setopt(curl, CURLOPT_URL, "https://x.x.x.x/test.html");

When using the IP address in the URL the following error gets returned
after calling curl_easy_perform(...)

* SSL: certificate subject name '' does not match target
host name '192.168.x.x'
* Closing connection #0
* SSL peer certificate was not ok
curl_easy_perform() failed: SSL peer certificate was not ok

I can solve this error by turning of the hostname validation using
CURLOPT_SSL_VERIFYHOST but this would not be adequate for out security

What I would like to know is can I send a request to a specific IP address
and still verity the certificate contains the expect hostname?

I am using CURL version 7.15.5

Thanks Pete

List admin:
Received on 2014-01-29