go to bug id or search bugs for
the description of CURLOPT_SSL_VERIFYHOST reads
" 1 to check the existence of a common name in the SSL peer certificate. 2 to check the existence of a common name and also verify that it matches the hostname provided. 0 to not check the names. In production environments the value of this option should be kept at 2 (default value). "
The "common name" in a certificate is deprecated and the modern way of having hostnames in certificates is the subjectaltname. The correct description would therefore be that it checks for either the common name or the Subject Alternative Name. See also curl upstream docs:
Add a Patch
Add a Pull Request