I encounter a hostname mismatch error at the client side in the server certificate verification step:- "Verify return code: 62 (hostname mismatch)".
But am able to see that hostname sent in Client-hello in SNI extension is matching with server-certificate's Subject name(Common Name):-
SNI extension in client-hello;-
extension_type=server_name(0), length=18 0000 - 00 10 00 00 0d 54 4c 53-2d 55 6e 69 74 2d 54 .....TLS-Unit-T 000f - 65 73 74 est extension_type=ec_point_formats(11), length=4
Server-certificate common-name:-
Subject: C = IN, ST = KA, L = Bangalore, O = Cisco, CN = TLS-Unit-Test
Subject field is deprecated. Proper TLS clients do not look in this field at all, they examine SAN extension instead. SAN extension must contain all domain names the certificate is valid for.