summaryrefslogtreecommitdiff
path: root/README.adoc
diff options
context:
space:
mode:
authorPřemysl Eric Janouch <p@janouch.name>2022-09-26 13:56:45 +0200
committerPřemysl Eric Janouch <p@janouch.name>2022-09-26 13:58:08 +0200
commit7c74e6615dcf3d1ec288028ee1e49d2556cafffe (patch)
tree583ac1609799b525b4e9d312a5ae69d0a19ada19 /README.adoc
parent614fd98fc1c78a1106928dcc1644abc520777956 (diff)
downloadxK-7c74e6615dcf3d1ec288028ee1e49d2556cafffe.tar.gz
xK-7c74e6615dcf3d1ec288028ee1e49d2556cafffe.tar.xz
xK-7c74e6615dcf3d1ec288028ee1e49d2556cafffe.zip
xD: use SHA-256 for certificate fingerprints
Just like xS. 2.0.0 is the ideal time for such a breaking change.
Diffstat (limited to 'README.adoc')
-rw-r--r--README.adoc4
1 files changed, 2 insertions, 2 deletions
diff --git a/README.adoc b/README.adoc
index 0bf29b2..beb03b4 100644
--- a/README.adoc
+++ b/README.adoc
@@ -141,10 +141,10 @@ Client Certificates
certificate specified by the respective server's `tls_cert` option if you add
`sasl` to the `capabilities` option and the server supports this.
-'xD' uses SHA-1 fingerprints of TLS client certificates to authenticate users.
+'xD' uses SHA-256 fingerprints of TLS client certificates to authenticate users.
To get the fingerprint from a certificate file in the required form, use:
- $ openssl x509 -in public.pem -outform DER | sha1sum
+ $ openssl x509 -in public.pem -outform DER | sha256sum
Custom Key Bindings in xC
-------------------------