[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Bug in tlso_session_chkhost?

Howard Chu wrote:
> The point is there is nothing on your machine that says your hostname is "localhost".
> Therefore, since the subjectAltName of DNS:localhost doesn't match any known name for
> your host, the cert is rejected.

The machine's hostname is completely irrelevant.

The TLS hostname MUST check the hostname the client used to successfully establish the
connection and nothing else.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature