summaryrefslogtreecommitdiffstats
path: root/website/certs.mdwn
blob: 797cefc4b1b8eae1106518f09b8715615d35c7b1 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

# Certificates at Fripost

The following is an up-to date list of SHA-1 and SHA-256 fingerprints of all
X.509 certificates Fripost uses on its publicly available services.  Please
consider any mismatch as a man-in-the-middle attack, and let us know
immediately!  (See also the [[signed version of this page|certs.asc]].)
-- [[admin@fripost.org|mailto:admin@fripost.org]]


All our X.509 certificates are available in PEM format under our
[[Git repository|https://git.fripost.org/fripost-ansible/tree/certs/public]],
from which this fingerprint list was [[generated|https://git.fripost.org/fripost-ansible/tree/certs/gencerts.sh]], at
[[Commit ID 03bc468 from Wed, 2 Dec 2015 23:14:30 +0100|https://git.fripost.org/fripost-ansible/tree/certs/public?id=03bc468e0dab47c9720d3ffa78ab3880d11870b5]].


 * IMAP server

    imap.fripost.org:993 (IMAP over SSL), sieve.fripost.org:4190 (ManageSieve, STARTTLS)

        X.509 SHA1   8A:81:CF:C3:04:01:BC:C6:58:03:CB:4B:61:F0:C9:0B:09:51:B8:F8
        X.509 SHA256 52:BA:FF:9F:7A:6B:7B:50:51:CB:64:BE:46:72:65:8E:D6:FC:3C:CE:5B:6C:9F:9F:E0:58:00:7B:8F:13:6E:D3
        PKey  SHA1   2C:E3:FB:47:F3:74:38:11:36:D6:5A:44:FF:D4:F5:45:37:96:9E:61
        PKey  SHA256 C7:F6:2E:72:F6:63:98:C3:A8:CA:5E:2C:FF:EC:1B:57:A4:8B:1E:45:21:94:62:43:4E:FB:23:7A:0A:95:57:6E

 * SMTP servers (STARTTLS)

    smtp.fripost.org:587 (Mail Submission Agent)

        X.509 SHA1   03:87:02:C9:6E:01:D3:AD:BC:EC:77:CC:A5:C5:37:C1:D8:C1:29:BC
        X.509 SHA256 6C:89:92:3C:A2:53:E0:14:9E:14:11:17:FF:FA:EB:12:3E:BA:0A:B0:C2:BE:70:18:8C:3D:7A:69:EB:00:5E:BB
        PKey  SHA1   C9:5F:8B:E8:56:3A:3C:B7:2D:0A:D2:B5:0F:59:0D:E1:C1:26:E7:B5
        PKey  SHA256 92:BF:5E:D5:B0:4E:10:19:20:08:C4:70:D6:F3:F7:EC:5F:6E:75:D2:1F:9B:FF:4D:49:BD:B0:8A:68:90:49:BF


    mx1.fripost.org:25 (1st Mail eXchange)

        X.509 SHA1   A5:9D:30:9A:49:4E:45:02:05:4B:D9:F8:12:8E:EE:F3:A8:CD:5C:4A
        X.509 SHA256 85:C9:C3:07:D6:BB:4E:A2:66:DF:DA:3B:B8:A4:D6:B3:71:B0:48:05:DD:A6:87:83:3F:B5:3E:4F:CF:1E:30:5B
        PKey  SHA1   CE:37:86:CF:C8:CC:54:FA:46:93:A3:87:41:98:48:38:57:14:57:55
        PKey  SHA256 51:26:BF:58:89:19:90:C1:CD:0B:15:88:22:99:94:66:00:15:D1:37:DA:46:AA:F6:E9:76:27:F9:D2:5A:EF:B4


    mx2.fripost.org:25 (2nd Mail eXchange)

        X.509 SHA1   67:67:D2:A6:0A:E5:8F:83:A9:85:26:01:71:80:24:C6:0B:DA:30:4F
        X.509 SHA256 B1:F4:82:E9:6E:B7:B0:0A:4A:FE:BD:92:6C:8D:EE:F6:6E:8C:1B:33:D3:7A:4B:6E:FB:37:D9:21:62:99:C2:73
        PKey  SHA1   8B:FA:A2:46:4A:83:2E:B4:3F:D0:F8:95:C9:7F:1A:DD:E9:58:30:53
        PKey  SHA256 8A:58:76:E6:AD:55:4A:44:FB:E8:03:F2:56:1E:98:04:23:32:EA:BD:83:20:AC:D9:6D:3C:74:69:F4:9F:02:A0

 * Web servers

    fripost.org:443 (website), wiki.fripost.org:443 (wiki)

        X.509 SHA1   E1:82:59:FD:7F:9A:11:EF:DC:1B:46:3B:AB:9F:F6:BB:A0:E4:D4:59
        X.509 SHA256 7D:F2:7C:67:90:91:EB:5E:1E:25:D0:7B:A4:A5:72:9F:EA:20:EC:F0:74:1C:25:66:1D:72:56:A3:3B:53:D9:9A
        PKey  SHA1   5B:D6:82:A7:D2:CB:67:54:54:CD:69:42:AA:E5:89:14:68:87:11:47
        PKey  SHA256 CC:F1:F4:6C:54:29:04:05:5A:96:7E:20:8F:87:53:45:BE:CB:72:8E:40:E0:53:40:32:C0:B2:DC:E0:14:FD:BD


    mail.fripost.org:443 (webmail)

        X.509 SHA1   E1:82:59:FD:7F:9A:11:EF:DC:1B:46:3B:AB:9F:F6:BB:A0:E4:D4:59
        X.509 SHA256 7D:F2:7C:67:90:91:EB:5E:1E:25:D0:7B:A4:A5:72:9F:EA:20:EC:F0:74:1C:25:66:1D:72:56:A3:3B:53:D9:9A
        PKey  SHA1   5B:D6:82:A7:D2:CB:67:54:54:CD:69:42:AA:E5:89:14:68:87:11:47
        PKey  SHA256 CC:F1:F4:6C:54:29:04:05:5A:96:7E:20:8F:87:53:45:BE:CB:72:8E:40:E0:53:40:32:C0:B2:DC:E0:14:FD:BD


    lists.fripost.org:443 (list manager)

        X.509 SHA1   9B:EA:15:0C:B3:17:EC:CB:E5:38:DA:93:5C:1D:52:98:13:E4:8A:BC
        X.509 SHA256 04:86:AF:AB:68:35:D2:48:0C:F3:55:54:98:5D:2A:48:69:D7:C5:B2:CC:1C:F7:6F:F8:54:25:CF:E5:91:88:21
        PKey  SHA1   50:D8:27:64:38:DF:33:D4:C0:08:02:F3:B9:B2:D6:7C:01:44:B4:32
        PKey  SHA256 4E:BC:33:F9:8E:79:F8:4C:D7:AE:FA:CD:EB:BD:05:3F:96:7C:83:88:CA:AC:B5:B1:2C:E4:88:12:B2:A6:8D:18


    git.fripost.org:443 (git server and its web interface)

        X.509 SHA1   70:14:8A:A0:29:8E:53:65:8E:23:CF:BA:45:F1:0F:CB:68:81:AC:B6
        X.509 SHA256 84:2A:13:7A:B2:20:25:D6:38:8C:EE:8B:BC:A2:60:C5:AC:CD:8A:6B:67:17:B4:78:7F:97:3F:DE:7B:7D:83:B2
        PKey  SHA1   69:92:D4:A3:EF:57:3A:52:38:E5:9B:E1:91:0F:2D:62:FA:8B:E3:6A
        PKey  SHA256 4A:48:DB:F7:68:FA:C8:97:A2:8E:AA:60:F3:00:75:E2:CF:85:A2:3B:CD:DB:66:81:F8:16:46:87:41:7F:CE:E2

 * SSH server

    gitolite@git.fripost.org:22

        RSA    MD5:0b:e5:47:44:71:cb:41:7d:1e:1b:25:bc:28:e8:c3:a2
        RSA SHA256:zNZXfa/okPm/tV9dl3gNlizfXAghrMSgrcwICiWx+80


If your SSL/TLS-capable client is able to validate the public key
fingerprint of the remote peer certificate, then you should probably use
this (the above values prefixed with "PKey") instead of the fingerprint
of the certificate instead (the above values prefixed with "X.509"),
since the former typically doesn't change upon certificate renewal.
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-29 04:07:39 +0000