SSLCheckCommonName
 
Type

Boolean

Default

false

Required

no

Configuration section

[SSLOption<N>]

Description

Determines whether or not the hostname listed in the peer's certificate (that is, the CommonName or "CN" attribute) resolves to the same IP address as the peer itself, as determined by the network connection. This parameter helps verify the identity of the peer.

For example, if the hostname in a certificate is eip.autonomy.com and resolves to an IP address of 12.3.4.56, then the peer should share the same IP address.

Example

SSLCheckCommonName=true

See also

SSLCACertificate

SSLCertificate

SSLCheckCertificate

SSLConfig

SSLMethod

SSLOption<N>

SSLPrivateKey

SSLPrivateKeyPassword