2 Replies Latest reply on Jan 18, 2015 11:01 PM by userc_2634

    SSL - Certificate subject does not match remote hostname



      I try ssl connection and every thing looks good, but when I tested correct certification I saw that Wiced doesn't check the hostname form public serwer certificate with lookup domain.


      In wiced_tls_init_simple_context we set peer_cn e.g "mydomain.com"


           context->context.peer_cn = peer_cn;


      In wiced_tcp_enable_tls context pointer is assigned to socket.


          socket->tls_context = context;


      And until this moment everything looks great but next, in wiced_tcp_connect() when we socket->tls_context != NULL runs wiced_tcp_start_tls() next wiced_tcp_start_tls_with_ciphers() and first line we have


      memset( &tls_context->context, 0, sizeof(wiced_tls_context_t) );


      Probably in ssl_init performs zeroing of context too



      And now my question, is any idea to repair this problem with Wiced function or I must write myself function whitch compare mydomain with decrypted public server certificate because we have this in




      at the and on wiced_tcp_start_tls_with_ciphers()?



      I use SDK 3.1.1.


      Best regards