TLS handshake hostname mismatch even when SNI matches with server-certificate subject name

I encounter a hostname mismatch error at the client side in the server certificate verification step:- "Verify return code: 62 (hostname mismatch)".

But am able to see that hostname sent in Client-hello in SNI extension is matching with server-certificate's Subject name(Common Name):-

SNI extension in client-hello;-

    extension_type=server_name(0), length=18
      0000 - 00 10 00 00 0d 54 4c 53-2d 55 6e 69 74 2d 54   .....TLS-Unit-T
      000f - 65 73 74                                       est
    extension_type=ec_point_formats(11), length=4

Server-certificate common-name:-

    Subject: C = IN, ST = KA, L = Bangalore, O = Cisco, CN = TLS-Unit-Test

Solution

Subject field is deprecated. Proper TLS clients do not look in this field at all, they examine SAN extension instead. SAN extension must contain all domain names the certificate is valid for.

curl: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate
MongoDB TLS transport encryption check
Powershell script to check TLS 1.2 enabled in the browser
Windows 7 with .NET 4.8 installed and using tls1.2 still getting 'Could not create SSL/TLS secure channel' on certain websites - but not all websites
How to Test TLSv1 Connection for Python Requests to GoLang TLSv1 HTTPS Server
Update .NET web service to use TLS 1.2
DICOM TLS between Orthanc and pynetDicom fails with error ErrorDetails: DicomAssociation - connecting to AET "MY_AET": TLS error: OpenSSL error
How to fix Stripe Error: Network error [errno 77]: error setting certificate verify locations
GoLang Mochi MQTT Server with Python Paho MQTT Client TLS Authentication Verification Failed
How to fix proxyconnect tcp: tls: first record does not look like a TLS handshake
how is an SSL certificate chain bundle arranged?
Sudden TLS/SSL RestSharp failure on Win7 comps
Enable a specific cipher suite for Java 11
What is the role of https.Agent in Node?
SQL Server error 31 - "Encryption(ssl/tls) handshake failed", in an AWS Lambda function
How to test which version of TLS my .NET client is using?
Spring Boot MongoDB Connectivity Issue
How to determine incoming TLS version for Azure Storage
OpenPop library how to use TLS
How to add TLS to a particular context path in tomcat
Windows 7 Could not create SSL/TLS secure channel."} System.Net.WebException
How to change TLS protocol settings in HttpClient in Ballerina
TLS v1.2 Cipher Suites in .NET 6 / GET Request Timeout
Command prompt to check TLS version required by a host
MQ Client -> MQ Server TLS Communication fails with different errorrs AMQ9665E
Blazor server and ASPNET Identity: going through FW only works when certificate has the same DNS name as the site in the subject alternative name
Server POST request works with http but not with https ERROR: routines::packet length too long
Is TLS 1.1 and TLS 1.2 enabled by default for .NET 4.5 and .NET 4.5.1?
SSL V3 Handhake failure via FTP_TLS()
Enable and Disable TLS and SSL in IE on windows 10 local machine(not windows server) using powershell