.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
-.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" * are also available at https://curl.haxx.se/docs/copyright.html.
.\" *
.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
.\" * copies of the Software, and permit persons to whom the Software is
.\" *
.\" **************************************************************************
.\"
-.TH CURLOPT_SSL_VERIFYHOST 3 "17 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options"
+.TH CURLOPT_SSL_VERIFYHOST 3 "February 02, 2017" "libcurl 7.59.0" "curl_easy_setopt options"
+
.SH NAME
CURLOPT_SSL_VERIFYHOST \- verify the certificate's name against host
.SH SYNOPSIS
This option controls checking the server's certificate's claimed identity.
The server could be lying. To control lying, see
-\fICURLOPT_SSL_VERIFYPEER(3)\fP. If libcurl is built against NSS and
-\fICURLOPT_SSL_VERIFYPEER(3)\fP is zero, \fICURLOPT_SSL_VERIFYHOST(3)\fP is
-also set to zero and cannot be overridden.
+\fICURLOPT_SSL_VERIFYPEER(3)\fP.
+.SH LIMITATIONS
+DarwinSSL: If \fIverify\fP value is 0, then SNI is also disabled. SNI is a TLS
+extension that sends the hostname to the server. The server may use that
+information to do such things as sending back a specific certificate for the
+hostname, or forwarding the request to a specific origin server. Some hostnames
+may be inaccessible if SNI is not sent.
+
+NSS: If \fICURLOPT_SSL_VERIFYPEER(3)\fP is zero,
+\fICURLOPT_SSL_VERIFYHOST(3)\fP is also set to zero and cannot be overridden.
.SH DEFAULT
2
.SH PROTOCOLS
-All TLS based protocols: HTTPS, FTPS, IMAPS, POP3, SMTPS etc.
+All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
.SH EXAMPLE
.nf
CURL *curl = curl_easy_init();