NAME
SSL_set1_host
—
SSL server verification
parameters
SYNOPSIS
#include
<openssl/ssl.h>
int
SSL_set1_host
(SSL *ssl,
const char *hostname);
DESCRIPTION
SSL_set1_host
()
configures a server hostname check in the ssl client,
setting the expected DNS hostname to hostname and
clearing any previously specified hostname. If
hostname is NULL
or the empty
string, name checks are not performed on the peer certificate. If a nonempty
hostname is specified, certificate verification
automatically checks the peer hostname via
X509_check_host(3) with flags set to
0.
SSL clients are advised to use this function in preference to explicitly calling X509_check_host(3).
RETURN VALUES
SSL_set1_host
() returns 1 for success or 0
for failure.
SEE ALSO
ssl(3), SSL_CTX_set_verify(3), SSL_get_peer_certificate(3), SSL_get_verify_result(3), X509_check_host(3), X509_VERIFY_PARAM_set1_host(3)
HISTORY
This function first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 6.5.