Optional domain name verification

[hinzundcode]

Since fcf9c0d I can't connect to a webserver in my local network anymore. Is it possible to make domain name verification optional (and only verify the fingerprint)? I connect to the webserver using its internal ip adress, the certificate doesn't contain a domain name.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

[igrr]

We can split verification into two functions (verifyDomainName and verifySHA1Fingerprint) so that you can choose which part to verify.

As a temporary workaround, i think you can generate a (self-signed) certificate which will contain an IP address. You can follow this procedure, except that you need to specify IP.1 = xxx.xxx.xxx.xxx instead of DNS.1 = in alternate_names config section.