[guardian-dev] verifying XMPP server certs

Marc Bejarano lists.mayfirst.org at beej.org
Mon Aug 11 16:45:11 EDT 2014


hi all,

i've been happily using ChatSecure for iOS for some time.  on July 7th,
it warned me that the TLS cert for talk.google.com had changed.  i accepted
it and ended up with the app telling me i now have a cert saved with SHA1
96:d7:17:4a:aa:71:6e:85:3f:57:b0:ce:3c:40:64:55:f4:7b:1f.

i've been trying to verify the hash from the command line, but haven't been
able to.  i'm using this one-liner:
===
$ openssl s_client -connect talk.google.com:5223 2>&1 | sed -ne '/-BEGIN
CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -noout -fingerprint
===
it currently spits out:
SHA1 Fingerprint=05:E7:8E:8D:CB:85:04:1F:D2:99:8C:3F:F9:D3:2F:4F:2D:FB:67:39

does anybody have a recipe for generating an SH1 that matches
the 96:d7:17:4a:aa:71:6e:85:3f:57:b0:ce:3c:40:64:55:f4:7b:1f one that
ChatSecure stored or can anybody tell me what i'm dong wrong?

thanks!
marc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20140811/9113c0b6/attachment.html>


More information about the Guardian-dev mailing list