[openssl.org #2549] [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name

2014-08-15 Thread Rich Salz via RT
This is possible in current releases by using the -verify_hostname flag. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List

Re: [openssl.org #2549] [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name

2011-06-30 Thread Alain Knaff
On 27/06/11 11:54, Peter Sylvester via RT wrote: On 06/26/2011 08:05 PM, Peter Sylvester wrote: On 06/26/2011 02:59 PM, Alain Knaff via RT wrote: Hello, openssl s_client -connect hostname.domain.com:443 does not verify that the certificate matches the hostname. (i.e. hostname.domain.com

Re: [openssl.org #2549] [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name

2011-06-29 Thread Alain Knaff via RT
On 27/06/11 11:54, Peter Sylvester via RT wrote: On 06/26/2011 08:05 PM, Peter Sylvester wrote: On 06/26/2011 02:59 PM, Alain Knaff via RT wrote: Hello, openssl s_client -connect hostname.domain.com:443 does not verify that the certificate matches the hostname. (i.e. hostname.domain.com

Re: [openssl.org #2549] [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name

2011-06-27 Thread Peter Sylvester
On 06/26/2011 08:05 PM, Peter Sylvester wrote: On 06/26/2011 02:59 PM, Alain Knaff via RT wrote: Hello, openssl s_client -connect hostname.domain.com:443 does not verify that the certificate matches the hostname. (i.e. hostname.domain.com should match either the CN of subject, or in one of the

Re: [openssl.org #2549] [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name

2011-06-27 Thread Peter Sylvester via RT
On 06/26/2011 08:05 PM, Peter Sylvester wrote: On 06/26/2011 02:59 PM, Alain Knaff via RT wrote: Hello, openssl s_client -connect hostname.domain.com:443 does not verify that the certificate matches the hostname. (i.e. hostname.domain.com should match either the CN of subject, or in one of

[openssl.org #2549] [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name

2011-06-26 Thread Alain Knaff via RT
Hello, openssl s_client -connect hostname.domain.com:443 does not verify that the certificate matches the hostname. (i.e. hostname.domain.com should match either the CN of subject, or in one of the subjectAltNames) Without such verification any web site owner who has a certificate can mount a

Re: [openssl.org #2549] [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name

2011-06-26 Thread David Schwartz
On 6/26/2011 5:59 AM, Alain Knaff via RT wrote: openssl s_client -connect hostname.domain.com:443 does not verify that the certificate matches the hostname. (i.e. hostname.domain.com should match either the CN of subject, or in one of the subjectAltNames) Without such verification any web

Re: [openssl.org #2549] [Bug report / Linux / openssl 0.9.8k-7ubuntu8.6] openssl s_client does not verify certificate against server's host name

2011-06-26 Thread Peter Sylvester
On 06/26/2011 02:59 PM, Alain Knaff via RT wrote: Hello, openssl s_client -connect hostname.domain.com:443 does not verify that the certificate matches the hostname. (i.e. hostname.domain.com should match either the CN of subject, or in one of the subjectAltNames) Without such verification any