Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Wrong value set for CURLOPT_SSL_VERIFYHOST #36

Merged
merged 1 commit into from Dec 7, 2012

Conversation

@tmuras
Copy link
Contributor

commented Nov 25, 2012

The correct value for CURLOPT_SSL_VERIFYHOST is 2, not 1.

From the libcurl documentation:

When CURLOPT_SSL_VERIFYHOST is 2, that certificate must indicate that the
server is the server to which you meant to connect, or the connection fails.

Curl considers the server the intended one when the Common Name field or a
Subject Alternate Name field in the certificate matches the host name in the
URL to which you told Curl to connect.

When the value is 1, the certificate must contain a Common Name field, but it
doesn't matter what name it says. (This is not ordinarily a useful setting).

Reported by ghedo from debian.org - thank you.

tpyo added a commit that referenced this pull request Dec 7, 2012
Merge pull request #36 from tmuras/master
Wrong value set for CURLOPT_SSL_VERIFYHOST

@tpyo tpyo merged commit 5677037 into tpyo:master Dec 7, 2012

@tpyo

This comment has been minimized.

Copy link
Owner

commented Dec 7, 2012

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.