openssl s_client allows connection while curl does not

curl openssl 
grief@rocket:/$ curl https://wrong.host.badssl.com
curl: (60) SSL: no alternative certificate subject name matches target host name 'wrong.host.badssl.com'
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.


grief@rocket:/$ echo "Q" | openssl s_client wrong.host.badssl.com:443 2>&1|grep Verification
Verification: OK

How can I test if the certificate matches the hostname using openssl (1)?


Solution 1:

You need to enable hostname verification using the -verify_hostname <host> option.

Related

How to see which package depends on the lib?
Are the rules for clearing Thunar's thumbnail cache set somewhere that the user can change?
How to do automatic 2FA with SSH/SCP on Windows (ideally using PuTTY+WinSCP)?
How to save anchor points in photoshop?
Small sized GPG command-line tool for Windows
"Mount" for .ISO's disappeared from context menu
Word Templates - how to make a document portable?
What would happen if I force installed a Linux driver into Mac OS X?
What's the advantage of buying an iMac over building a Hackintosh?
Why is it still not possible to cut files to paste them elsewhere in Catalina? [duplicate]
Does online gaming use data?
What did iOS do before multitasking?