Home > Software engineering >  OpenSSL Wrong Host Name
OpenSSL Wrong Host Name

Time:09-14

I use site badssl.com in order to check whether I am able to catch all invalid certificates. One of the sites with invalid certificate is https://wrong.host.badssl.com/. Nevertheless if I type in cmd openssl s_client -connect wrong.host.badssl.com:443, I receive verification OK status. How can I solve the problem?

CodePudding user response:

How can I solve the problem?

Newer versions of openssl have the option -verify_hostname:

$ openssl s_client -connect wrong.host.badssl.com:443 \
   -verify_hostname wrong.host.badssl.com
...
    Verify return code: 62 (Hostname mismatch)

Older versions don't have this option and there is no way to enable the functionality in this older versions otherwise.

  • Related