使用X509_check_host单独处理CN/SAN匹配的校验，忽略verify_callback中域名不匹配的错误。

platform/src/ssl_trusted_cert_storage.cpp

@@ -323,6 +323,11 @@ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
 		case	X509_V_ERR_CRL_HAS_EXPIRED:
 			ret=1;
 			break;
+		case	X509_V_ERR_HOSTNAME_MISMATCH:
+		case	X509_V_ERR_EMAIL_MISMATCH:
+		case	X509_V_ERR_IP_ADDRESS_MISMATCH:
+			ret=1;	//host match is verfied via X509_check_host
+			break;
 		default:
 			ret=0;
 			break;