haxe（php）https call：stream_socket_client（）对等证书CN与预期的CN不匹配

Question

I am using haxe's Http class (compiled to php) to send a request() over https to AWS. Here a minimal example using the haxe-aws library ( https://github.com/Blank101/haxe-aws ):

var iamconf = new IAMConfig('newbucket.s3-eu-central-1.amazonaws.com', accessKey, secretKey, 'eu-central-1', 's3');
var sig4 = new Sig4Http('https://newbucket.s3-eu-central-1.amazonaws.com/', iamconf);
sig4.applySigning(true);
sig4.setPostData('<CreateBucketConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><LocationConstraint>eu-central-1</LocationConstraint></CreateBucketConfiguration>');
sig4.request(true);

No matter which service/endpoint I use, the response is always:

stream_socket_client(): Peer certificate CN=`*.s3.eu-central-1.amazonaws.com' did not match expected CN=`54.231.192.50' (errno: 2) in [...]lib\sys\net\Socket.class.php at line #34

Requests over http work. Any ideas?

Edit: The responsible part of the code why the IP address is used to connect and not the name:

if(!php_Boot::$skip_constructor) {
  if(_hx_deref(new EReg("^(\\d{1,3}\\.){3}\\d{1,3}\$", ""))->match($name)) {
    $this->_ip = $name;
  } else {
    $this->_ip = gethostbyname($name);
    if($this->_ip === $name) {
      $this->ip = 0;
      return;
    }
  }
}

Answer 1

As pointed out here https://groups.google.com/forum/#!msg/haxelang/JMSBpF2sOi0/QpoNEjk9EQAJ and here http://php.net/manual/en/migration56.openssl.php the openssl extension in PHP 5.6 uses peer verification per default. Hence, switching back to PHP 5.5 is a workaround because peer verification is disabled here. However it still uses the IP address instead of the hostname and therefore does not solve the root of the problem.