Re: X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS

2022-04-19 Thread Viktor Dukhovni
ike to suggest some text to clarify the documentation? > A pull request? Note that paragraph three of the DESCRIPTION reads: When name [bold font] starts with a dot (e.g. ".example.com"), it will be matched by a certificate valid for any sub-domain of name, (see al

Re: X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS

2022-04-19 Thread Viktor Dukhovni
On Tue, Apr 19, 2022 at 03:25:03PM -0700, Hal Murray wrote: > man X509_check_host says: > If set, X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS restricts name values > which start with ".", that would otherwise match any sub-domain in the > peer certificate

X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS

2022-04-19 Thread Hal Murray
man X509_check_host says: If set, X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS restricts name values which start with ".", that would otherwise match any sub-domain in the peer certificate, to only match direct child sub-domains. Thus, for instance, with thi