wildcard matching components

Carson Hewitt haloris-tx at yahoo.co.uk
Sat Aug 28 19:34:19 CEST 2010


I was trying to open an audio stream over https using VLC (1.1.3), which bundles 

The CA chain verification is fine. Then we get:

gnutls error: Certificate does not match "foo.bar.example.com"

Indeed, the common name of the server certificate is "*.example.com", which does 
not match our hostname because of the dot in foo.bar (I don't know if this 
behaviour is specified by the protocols implemented by gnutls, or if it's up to 
the implementation).

Is there a way to convince gnutls to trust the certificate even if it does not 
match the hostname ?

-- Carson

More information about the Gnutls-help mailing list