diff options
| author | Přemysl Eric Janouch <p@janouch.name> | 2022-09-26 13:56:45 +0200 |
|---|---|---|
| committer | Přemysl Eric Janouch <p@janouch.name> | 2022-09-26 13:58:08 +0200 |
| commit | 7c74e6615dcf3d1ec288028ee1e49d2556cafffe (patch) | |
| tree | 583ac1609799b525b4e9d312a5ae69d0a19ada19 /README.adoc | |
| parent | 614fd98fc1c78a1106928dcc1644abc520777956 (diff) | |
| download | xK-7c74e6615dcf3d1ec288028ee1e49d2556cafffe.tar.gz xK-7c74e6615dcf3d1ec288028ee1e49d2556cafffe.tar.xz xK-7c74e6615dcf3d1ec288028ee1e49d2556cafffe.zip | |
xD: use SHA-256 for certificate fingerprints
Just like xS. 2.0.0 is the ideal time for such a breaking change.
Diffstat (limited to 'README.adoc')
| -rw-r--r-- | README.adoc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/README.adoc b/README.adoc index 0bf29b2..beb03b4 100644 --- a/README.adoc +++ b/README.adoc @@ -141,10 +141,10 @@ Client Certificates certificate specified by the respective server's `tls_cert` option if you add `sasl` to the `capabilities` option and the server supports this. -'xD' uses SHA-1 fingerprints of TLS client certificates to authenticate users. +'xD' uses SHA-256 fingerprints of TLS client certificates to authenticate users. To get the fingerprint from a certificate file in the required form, use: - $ openssl x509 -in public.pem -outform DER | sha1sum + $ openssl x509 -in public.pem -outform DER | sha256sum Custom Key Bindings in xC ------------------------- |