[Pkg-openssl-devel] Bug#691964: Bug#691964: openssl: s_client does not verify server hostname against certificate
Kurt Roeckx
kurt at roeckx.be
Thu Nov 1 13:45:52 UTC 2012
retitle 691964 openssl doesn't provide hostname checks
forward 691964 http://rt.openssl.org/Ticket/Display.html?id=2549&user=guest&pass=guest
severity 691964 wishlist
thanks
On Thu, Nov 01, 2012 at 02:31:58PM +0100, Michal Suchanek wrote:
>
> It appears to be reported upstream:
>
> http://rt.openssl.org/Ticket/Display.html?id=2549&user=guest&pass=guest
So I didn't properly read your subject until now, and this is
about the rfc 2818 / rfc 6125 checks to see that the server
you're connected to gives a certificate that matches the
hostnames you're trying to connect to.
openssl currently doesn't provide functions for this, and it
would be good that it did.
Kurt
More information about the Pkg-openssl-devel
mailing list