Wednesday, 15 June 2011

How to skip domain name verification in OpenSSL?




I am using both server and client authentication in OpenSSL.

SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);

But the client does not have a valid domain name, so I want to skip the domain name check in the verification process. A tailored verification callback function may be needed, but given my limited knowledge of OpenSSL, I am asking for help. Thanks a lot.

How do I skip domain name verification in OpenSSL?

There's no need to skip it because it is not performed by current OpenSSL implementations. Current implementations include 0.9.8, 1.0.0, and 1.0.1.

However, according to the OpenSSL change log, OpenSSL 1.0.2 and 1.1.0 include hostname verification:

*) Integrate hostname, email address and IP address checking with certificate verification. New verify options supporting checking in openssl utility. [Steve Henson]

*) Fixes and wildcard matching support to hostname and email checking functions. Add manual page. [Florian Weimer (Red Hat Product Security Team)]

*) New functions to check a hostname email or IP address against a certificate. Add options to x509 utility to print results of checks against a certificate. [Steve Henson]

According to the change logs, there's a -verify_name option, but I did not see it incorporated. apps.c appears to respond to a -verify_hostname switch. s_client does not respond to either switch, so it's unclear how hostname checking will be implemented or invoked for a client.
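
The difference between chain verification and the opt-in hostname check, shown with the openssl utility's -verify_hostname switch mentioned in the answer. This is an added example, not part of the original post; the CA, the client name client-42 and the helper function names are constructed, and it assumes an openssl binary from 1.0.2 or later.

```sh
#!/bin/sh
# Constructed demo: every name and file below is made up for illustration.
# Assumes an openssl command-line binary, version 1.0.2 or later.

# Create a throwaway CA and a client certificate whose CN is not a domain name.
make_demo_pki() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes -subj "/CN=client-42" \
        -keyout "$1/client.key" -out "$1/client.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/client.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/client.pem" 2>/dev/null
}

# Chain-only verification: signature path to the CA, no name comparison.
# Matching on the "OK" line rather than the exit status keeps this
# independent of how a given release reports failure.
verify_chain_only() {
    openssl verify -CAfile "$1/ca.pem" "$1/client.pem" 2>/dev/null |
        grep -q ': OK$'
}

# Same chain verification plus the opt-in hostname check for name $2.
verify_with_hostname() {
    openssl verify -CAfile "$1/ca.pem" -verify_hostname "$2" \
        "$1/client.pem" 2>/dev/null | grep -q ': OK$'
}

# Print accept/reject for each case.
run_demo() {
    dir=$(mktemp -d) || return 1
    make_demo_pki "$dir" || { rm -rf "$dir"; return 1; }
    verify_chain_only "$dir" && echo "chain only: accepted"
    verify_with_hostname "$dir" client.example.com ||
        echo "chain + hostname client.example.com: rejected"
    verify_with_hostname "$dir" client-42 &&
        echo "chain + hostname client-42: accepted"
    rm -rf "$dir"
}

run_demo
```

In the C API of 1.0.2 and later the corresponding opt-in is X509_VERIFY_PARAM_set1_host(); when no name is set, SSL_VERIFY_PEER verifies only the chain, so any certificate issued by the trusted CA is accepted regardless of the name it carries.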
