| SSL_SET1_HOST(3) | Library Functions Manual | SSL_SET1_HOST(3) |
SSL_set1_host —
SSL server verification parameters
#include
<openssl/ssl.h>
int
SSL_set1_host(SSL *ssl,
const char *hostname);
SSL_set1_host()
configures a server hostname check in the ssl client,
setting the expected DNS hostname to hostname and
clearing any previously specified hostname. If
hostname is NULL or the empty
string, name checks are not performed on the peer certificate. If a nonempty
hostname is specified, certificate verification
automatically checks the peer hostname via
X509_check_host(3) with
flags set to 0.
SSL clients are advised to use this function in preference to explicitly calling X509_check_host(3).
SSL_set1_host() returns 1 for success or 0
for failure.
ssl(3), SSL_CTX_set_verify(3), SSL_get_peer_certificate(3), SSL_get_verify_result(3), X509_check_host(3), X509_VERIFY_PARAM_set1_host(3)
This function first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 6.5.
| September 22, 2020 | OpenBSD-current |