Hi all,
I'm using openssl with my application; I'd like to add the 5th optional step (to avoid man-in-the-middle-attack) in my tls negotiation by ensuring the FQDN presents in the certificate with the actual fqdn of the sender. 1) Please suggest me a way to extract subject name in FQDN from certificate; and do we need to extract fqdn from extension list also? 2) What is the best way to get the fqdn of the peer? Is reverse fqdn lookup a recommend method? 3) Is there any precaution I should take care while implementing this step? Any suggestion is highly appreciated. -soji
