SSLContext.check_hostname
Whether to match the peer cert’s hostname with match_hostname()
in SSLSocket.do_handshake()
. The context’s verify_mode
must be set to CERT_OPTIONAL
or CERT_REQUIRED
, and you must pass server_hostname to wrap_socket()
in order to match the hostname.
Example:
import socket, ssl context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) context.verify_mode = ssl.CERT_REQUIRED context.check_hostname = True context.load_default_certs() s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) ssl_sock = context.wrap_socket(s, server_hostname='www.verisign.com') ssl_sock.connect(('www.verisign.com', 443))
New in version 3.4.
Note
This features requires OpenSSL 0.9.8f or newer.
Please login to continue.