How to use SNI with ocaml-ssl?

I want to check the expiration date of an SSL certificate, and I use ocaml-ssl for that.

There is a server, and this server accepts several domains.

e.g. aaa.example.com and bbb.example.com.
These domains have the same IP address, and each domain has a different certificate, of course.

I try to get the information of each certificate with ocaml-ssl.
I think I have to use the Ssl.set_client_SNI_hostname function for that, because the server accepts two domains.

Therefore I wrote the following code:

  let () =
    Ssl.init ();
    let ctx = Ssl.create_context Ssl.TLSv1_2 Ssl.Client_context in
    Ssl.set_context_alpn_protos ctx ["h2"; "http/1.1"];
    let sockaddr = Unix.ADDR_INET (Unix.inet_addr_of_string "SOME_IP_ADDRESS", 443) in
    let socket_domain = Unix.domain_of_sockaddr sockaddr in
    (* plain TCP socket; nothing below calls Unix.connect on it *)
    let socket = Unix.socket socket_domain Unix.SOCK_STREAM 0 in

    (* wrap the raw file descriptor in an SSL object *)
    let ssl = Ssl.embed_socket socket ctx in
    (* SNI has to be set before the handshake starts *)
    Ssl.set_client_SNI_hostname ssl "aaa.example.com";

    try Ssl.connect ssl
    with _ -> Printf.printf "%s\n" (Ssl.get_error_string ())

But the following error occurred at Ssl.connect ssl:

error:00000000:lib(0):func(0):reason(0)

How can I switch domains with ocaml-ssl?
I can simply use Ssl.open_connection_with_context ctx sockaddr, and then it works fine.
But the domain is not changeable.

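The flow from the question written out as a complete expiry checker, as an added example that is not code from the original post. The difference from the snippet in the question is that the file descriptor handed to Ssl.embed_socket is connected with Unix.connect first (which is what Ssl.open_connection_with_context does internally); Ssl.connect only performs the TLS handshake on top of an already connected socket, and a handshake attempted on an unconnected descriptor fails at the syscall level, which shows up as the all-zero "error:00000000:lib(0):func(0):reason(0)" string because no OpenSSL-library error was queued. It also enables chain verification against the system CA store, so an expired or untrusted chain is reported instead of silently accepted. Assumptions: the installed ocaml-ssl provides Ssl.get_expiration_date (returning a Unix.tm) and Ssl.set_default_verify_paths; SOME_IP_ADDRESS and the two hostnames are placeholders.

```ocaml
(* Added example, not from the original post.
   Build: ocamlfind ocamlopt -package ssl,unix -linkpkg sni_check.ml -o sni_check
   Run:   ./sni_check SOME_IP_ADDRESS *)

(* Open the TCP connection ourselves, then wrap the *connected* descriptor.
   Ssl.embed_socket only wraps the fd; Ssl.connect runs the TLS handshake on it. *)
let connect_with_sni ctx ~ip ~port ~sni =
  let sockaddr = Unix.ADDR_INET (Unix.inet_addr_of_string ip, port) in
  let fd = Unix.socket (Unix.domain_of_sockaddr sockaddr) Unix.SOCK_STREAM 0 in
  (try Unix.connect fd sockaddr
   with e -> Unix.close fd; raise e);
  let ssl = Ssl.embed_socket fd ctx in
  (* SNI travels in the ClientHello, so it must be set before Ssl.connect.
     Calling this with a different name on a fresh socket is how you
     "switch domains" on a server that hosts several certificates. *)
  Ssl.set_client_SNI_hostname ssl sni;
  (try Ssl.connect ssl
   with e -> Ssl.shutdown_connection ssl; raise e);
  ssl

(* Days until notAfter. Unix.mktime treats the tm as local time while the
   certificate date is UTC; the error is at most a few hours, fine for a
   day-granularity check. *)
let days_until (tm : Unix.tm) =
  let t, _ = Unix.mktime tm in
  (t -. Unix.time ()) /. 86400.

let report ctx ~ip ~sni =
  match connect_with_sni ctx ~ip ~port:443 ~sni with
  | exception Ssl.Connection_error _ ->
      (* verification failure (expired, untrusted) also lands here *)
      Printf.printf "%s: handshake failed: %s\n" sni (Ssl.get_error_string ())
  | exception e ->
      Printf.printf "%s: connect failed: %s\n" sni (Printexc.to_string e)
  | ssl ->
      (match Ssl.get_certificate ssl with
       | exception e ->
           Printf.printf "%s: no certificate: %s\n" sni (Printexc.to_string e)
       | cert ->
           (* assumption: Ssl.get_expiration_date exists and returns Unix.tm *)
           let left = days_until (Ssl.get_expiration_date cert) in
           (* the subject tells you which of the hosted certificates the
              server actually selected for this SNI name *)
           Printf.printf "%s: subject=%s issuer=%s expires in %.1f days%s\n"
             sni (Ssl.get_subject cert) (Ssl.get_issuer cert) left
             (if left < 14. then " (RENEW SOON)" else ""));
      Ssl.shutdown_connection ssl

let () =
  Ssl.init ();
  let ctx = Ssl.create_context Ssl.TLSv1_2 Ssl.Client_context in
  (* Verify the chain against the system trust store; with Verify_peer the
     handshake fails instead of returning an unverified certificate. *)
  Ssl.set_verify ctx [Ssl.Verify_peer] None;
  (* assumption: set_default_verify_paths is available and returns bool *)
  if not (Ssl.set_default_verify_paths ctx) then
    prerr_endline "warning: could not load default CA paths";
  let ip = if Array.length Sys.argv > 1 then Sys.argv.(1) else "SOME_IP_ADDRESS" in
  (* one fresh TCP+TLS connection per SNI name; the same ctx is reused *)
  List.iter (fun sni -> report ctx ~ip ~sni) ["aaa.example.com"; "bbb.example.com"]
```

Verify_peer only checks that the chain is trusted and in its validity period; it does not by itself check that the certificate's name matches the SNI you sent, which is why the subject is printed alongside each result.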