9 lines
408 B
Plaintext
9 lines
408 B
Plaintext
To establish a SSL/TLS connection not vulnerable to man-in-the-middle attacks, it's essential to make sure the server presents the right certificate.
|
|
|
|
The certificate's hostname-specific data should match the server hostname.
|
|
|
|
|
|
It's not recommended to re-invent the wheel by implementing custom hostname verification.
|
|
|
|
TLS/SSL libraries provide built-in hostname verification functions that should be used.
|