To get end point's IP address

Michael Wojcik Michael.Wojcik at
Tue May 21 15:00:19 UTC 2019

> From: Chethan Kumar [mailto:Chethan.Kumar at]
> Sent: Tuesday, May 21, 2019 03:53
> I researched more and found that tlsext_hostname member variable in SSL
> structure can be used to to get host name.

That's the SNI hostname, which is set by the client to the hostname (or possibly some other string identifier, such as the text representation of an IP address) that it thinks it wants to connect to. It's used by the server to determine what certificate to send to the client. It's not a reliable indicator of the server's hostname, and has nothing to do with the client's hostname.

> If applications set this using SSL_set_tlsext_host_name(), is it correct to
> print hostname/IP in  tlsext_hostname.

"correct" in what sense? "print" where?

Forget OpenSSL APIs and details of OpenSSL data structures. What problem are you trying to solve?

> Can I use this one to set hostname/Ip address.?

Maybe. You haven't explained what you're trying to do.

> Can applications acting as both server and client set this?

It's set by a client. It doesn't matter what else that client is doing.

Michael Wojcik
Distinguished Engineer, Micro Focus

More information about the openssl-users mailing list