Hello, This question pertains to a C++ implementation of libCurl version 7.33.0.
I am implementing some security upgrades to our software including turning on CURLOPT_SSL_VERIFYHOST (setting to value 2). Some of the server certificates we receive are wildcard certs. I was expecting to see failures after turning on the CURLOPT_SSL_VERIFYHOST, but libCurl it is happily going about performing the HTTPS request. I'm not sure what the expected behavior is here. If I try to connect to https://test.domain.com should a certificate for *.domain.com pass this verification or no? Thanks, Paul
------------------------------------------------------------------- List admin: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
