tried as client to connect to a websocket server via wss. In the URL I entered the IP-address of the server (172.18.12.211)
Everytime I got the error:
SSL Error: The host name did not match any of the valid hosts for this certificate
I looked inside the server certificate but everything seemed OK to me:
X509v3 Subject Alternative Name:
IP Address:FE80:0:0:0:316D:360F:7CCF:23FB, IP Address:172.18.12.211, DNS:*.domain.com, DNS:localhost

So I had a look at the Qt sources, especially qtbase/src/network/ssl/qsslsocket.cpp:
There I could see, that it is searched for DNS entries in the Subject "Aternative Name" in a Ceritificate, but not for IP Address.

{{}}

bool QSslSocketPrivate::isMatchingHostname(const QSslCertificate &cert, const QString &peerName) { const QString lowerPeerName = QString::fromLatin1(QUrl::toAce(peerName)); const QStringList commonNames = cert.subjectInfo(QSslCertificate::CommonName); for (const QString &commonName : commonNames) { if (isMatchingHostname(commonName, lowerPeerName)) return true; } const auto subjectAlternativeNames = cert.subjectAlternativeNames(); const auto altNames = **subjectAlternativeNames.equal_range(QSsl::DnsEntry);** for (auto it = altNames.first; it != altNames.second; ++it) { if (isMatchingHostname(*it, lowerPeerName)) return true; } return false; } 

{{}}

Since "IP Address" is a valid entry in the Subject "Aternative Name" of a Ceritificate, I'm wondering, why this is not considered in the Qt sources?