summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem.moulin@fripost.org>2014-04-12 16:25:07 +0200
committerGuilhem Moulin <guilhem.moulin@fripost.org>2014-04-12 16:25:07 +0200
commit450ea60e64edac39b14a65817a42e3752a58e8b2 (patch)
tree467ac7acbe60c45b6bd1ec187460b2b40ffc6457
parente59512ee940bae538e181fedab53b6614c5e9b9a (diff)
Put the certs on the website.
-rw-r--r--certs.asc83
1 files changed, 0 insertions, 83 deletions
diff --git a/certs.asc b/certs.asc
deleted file mode 100644
index 9d1d8d2..0000000
--- a/certs.asc
+++ /dev/null
@@ -1,83 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA512
-
-The following is an up-to date list of SHA-1 and SHA-256 fingerprints of all
-X.509 certificates Fripost uses on its publicly available services. Please
-consider any mismatch as a man-in-the-middle attack, and let us know
-immediately! -- admin@fripost.org
-
-
- * IMAP server
- imap.fripost.org:993
- SHA1 BE:CA:4E:39:C6:11:6B:FC:70:38:6C:DB:A6:7E:1C:10:2A:E5:09:C4
- SHA256 12:D5:03:C2:D5:1C:D6:55:A9:50:FB:A4:99:69:E8:DC:3A:DE:50:74:D7:2A:F9:70:F2:80:73:13:CA:4D:56:B1
-
- * SMTP servers (STARTTLS)
- smtp.fripost.org:587 (Mail Submission Agent)
- SHA1 03:87:02:C9:6E:01:D3:AD:BC:EC:77:CC:A5:C5:37:C1:D8:C1:29:BC
- SHA256 6C:89:92:3C:A2:53:E0:14:9E:14:11:17:FF:FA:EB:12:3E:BA:0A:B0:C2:BE:70:18:8C:3D:7A:69:EB:00:5E:BB
-
- mx1.fripost.org:25 (1st Mail eXchange)
- SHA1 E0:3C:E7:05:2D:2E:99:7B:EF:A1:D0:5A:A7:79:2C:6D:0B:66:FD:17
- SHA256 1B:B2:4B:47:8F:8A:7A:28:F0:AC:0C:EE:A5:29:7A:F2:6A:D2:11:81:AA:DD:F7:77:A0:EA:89:A6:DD:2A:59:56
-
- * Web servers
- fripost.org:443 (website), mail.fripost.org:443 (webmail), lists.fripost.org:443 (list manager)
- SHA1 E1:82:59:FD:7F:9A:11:EF:DC:1B:46:3B:AB:9F:F6:BB:A0:E4:D4:59
- SHA256 7D:F2:7C:67:90:91:EB:5E:1E:25:D0:7B:A4:A5:72:9F:EA:20:EC:F0:74:1C:25:66:1D:72:56:A3:3B:53:D9:9A
-
- wiki.fripost.org:443 (wiki)
- SHA1 96:4E:77:71:F3:2B:C7:60:50:58:37:53:C4:B1:F1:50:95:69:FD:C0
- SHA256 D0:02:01:81:03:86:F3:53:8A:BA:DE:7D:07:D5:E0:31:D8:5B:5D:35:72:BC:68:8B:E4:BF:86:33:42:43:21:90
-
- git.fripost.org:443 (git server and its web interface)
- SHA1 EA:50:38:19:38:6A:49:BF:5D:3C:4D:04:64:6F:0D:D3:AC:20:76:C2
- SHA256 08:D9:18:05:A3:F5:B6:8E:20:81:E1:8A:36:1B:44:AD:4E:36:6D:D1:BA:FC:3D:26:F9:F5:4B:68:A9:0F:F3:21
-
- antilop.fripost.org:443 (list manager)
- SHA1 6F:1A:3B:0F:2C:5A:BC:33:09:C6:D4:F8:43:2C:07:6E:B0:FD:DB:7B
- SHA256 FA:AC:E2:4C:C7:DD:D8:A6:24:20:0E:48:FC:91:D2:F0:CC:BD:BD:57:B1:F9:67:84:73:96:F1:90:4C:50:C1:F1
-
-
-If you want to retrieve the whole certificate, you can run
-
- openssl s_client -connect imap.fripost.org:993 </dev/null
-
-(For protocols using the STARTTLS directive such as SMTP, you'll have to call
-s_client with '-starttls smtp'. Other useful options are '-showcerts', which
-prints the whole server certificate chain.)
-
-You'll find the X.509 certificate wrapped between
-
- -----BEGIN CERTIFICATE-----
- [...]
- -----END CERTIFICATE-----
-
-If you store it into /path/to/certificate.pem, you can then ensure that its
-fingerprint matches that above:
-
- openssl x509 -in /path/to/certificate.pem -noout -fingerprint -sha1
- openssl x509 -in /path/to/certificate.pem -noout -fingerprint -sha256
-
-Alternatively, using a pipe:
-
- openssl s_client -connect imap.fripost.org:993 </dev/null \
- | openssl x509 -noout -fingerprint -sha256
-
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.22 (GNU/Linux)
-
-iQIcBAEBCgAGBQJTSBuIAAoJENOaSZw8IaVS77cQAJA6w51Ss75liPB13g10YT0L
-+JB9GP+i02Fndcl6/1N1/6mAJ14tb/hKZJxf+nMZBtkP5LC5/D4Ag+jeIO4iarmm
-q3RI3iGHh3nTJOZFE8NAxmihVYJPh2HhX3t8Q13TiK6odPnHMNggXLXYvvxWN/X8
-wLGjd/bHIhVoa1I34xZqJy/WB+dznBNlP5yLXutXvTtboRwuvhD8/RO78Unm4JKd
-dCf1XFBdsmX84J6vgYU5EeSRTNlNgsaQFksXSojD2IWPbgrTRgdo6whpF3ST5QaY
-Y8A8G3MWDXnSTRXwwWntFsWtNLKS60T4q40YLVu4ilWvo0urenPkAyehhcbOB2VD
-xadDFajvcl6tEewG/lIfUI68w9fXuKMKIKPfNuR1ieBI+dHpb2sOHEYlSTV8yr7C
-nnxBiwyr0vuDIthOGUWkl8iBAAVEI5Tp/swwZc15HUTrJLd8QT0+3kfBi9yxXx7z
-gVfrbu6nRgBMUiteGGXwLepu+oEMbbaw4zEbWlUe6CNHmXjnqMWSMQSmMXXrJCLY
-FvrN2FiwMrZE21xnmL+ol8edKTFfsQ0ZhC1kSQE+IyyZzbL8NtqnsWLH/pwPSjF9
-r1RE08AGjHxU0QuUc2Wz4pASOpORS/mBbZ5wwg1W/kyDWvvmN6y/9qGPu8HzhiWn
-f4cklx2hCiJkFMZQr0h6
-=G2N2
------END PGP SIGNATURE-----