CURLOPT_SSL_VERIFYHOST Should use 2 instead of true
|Reported by:||sivel||Owned by:|
|Component:||HTTP API||Keywords:||has-patch 3.2-early|
CURLOPT_SSL_VERIFYHOST Should use an integer of 2 instead of true to enforce proper SSL verification. Setting to true acts like 1, which only checks for the existence of a common name, and not that the common name matches the requested hostname.
This was reported in another ticket #16855