When configuring XCOM to use SSL on XCOM for UNIX, got the following error:

XCOMU0780E Txpi  316: TxpiSSL peer certificate: Certificate verification failed (DNS name does not match) error 5:

XCOM™ Data Transport® for UNIX/Linux PC

This is a configuration problem in the configssl.cnf:

# Mandatory, YES/NO
[VERIFY_MACHINE]
INITIATE_SIDE = YES
RECEIVE_SIDE = YES

but the actual DNS or HOSTNAME was not defined in the certificates or configssl.cnf.

When you want to do "machine verification" with SSL as you have specified, you must generate the certificates with a valid DNS and specify that in the configssl.cnf as the HOST_NAME. 

If using the XCOM sample certificates:

1. Remove your existing certificates
2. Modify the cassl.conf. You would have to modify 2 sections in the file. Those sections are: 
   1. [ SSL_client_extensions ]
   2. [ SSL_server_extensions ]
3. In those sections you would modify the "subjectAltName = email:copy,DNS:hostname.com", specifically the DNS part. You must put the valid actual DNS of both the client and then the server.

Note: You have to specify actual names.

If you don't want "machine" verification, then turn off the parameter in the configssl.cnf.