curl / Mailing Lists / curl-library / Single Mail


libcurl not verifying proxy url against IP address present in subject alternate name

From: Hemant Kumar via curl-library <>
Date: Wed, 29 Nov 2017 00:42:44 +0530

Hi All,

I am using pycurl (python wrapper of libcurl) to connect to a remote
server(HTTPS) via a proxy(HTTPS).
While establishing SSL connection with the proxy, the certificate shared by
proxy has both CN and SAN entries as below -

Subject: C=IN, ST=KA, L=BGL, O=xxxx, OU=x, *

X509v3 Subject Alternative Name:
      , *DNS:*, <>

In my code when I use proxy's FQDN( as the proxy URL to
access then the ssl verification works fine but when I try using the
IP Address I get below error -

"SSL: no alternative certificate subject name matches target host name

Should not libcurl verify the proxy URL against all the subject alternate
names present in the received certificate or am I missing something here?

Software versions used - PycURL/7.43.0 libcurl/7.56.1



Received on 2017-11-29