OpenBSD manual page server

Manual Page Search Parameters

SSL_SET1_HOST(3) Library Functions Manual SSL_SET1_HOST(3)

SSL_set1_hostSSL server verification parameters

#include <openssl/ssl.h>

SSL_set1_host(SSL *ssl, const char *hostname);

() configures a server hostname check in the ssl client, setting the expected DNS hostname to hostname and clearing any previously specified hostname. If hostname is NULL or the empty string, name checks are not performed on the peer certificate. If a nonempty hostname is specified, certificate verification automatically checks the peer hostname via X509_check_host(3) with flags set to 0.

SSL clients are advised to use this function in preference to explicitly calling X509_check_host(3).

SSL_set1_host() returns 1 for success or 0 for failure.

ssl(3), SSL_CTX_set_verify(3), SSL_get_peer_certificate(3), SSL_get_verify_result(3), X509_check_host(3), X509_VERIFY_PARAM_set1_host(3)

This function first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 6.5.

January 27, 2021 OpenBSD-current