One other step that should also be performed here is checking the name on the certificate against the host name used to connect to it.
此处还要执行的另外一个步骤是根据连接所使用的主机名对证书的名字进行检查。
2
This includes checking the expiration date of the certificate, verifying the signature, and deciding whether credentials presented by the peer should be accepted.
它包括了检查确认的过期时间,确认签名,并决定对等者呈现的权限是否应该接受。
3
If the certificate passed OpenSSL's internal checks, including checking for trust, then it returns X509_V_OK.