Josef Wolf wrote:
>Do you know a better way? tinyca gave me the md5, probably because this
>is the default with RSA keys. svn presented sha1. How do I verify that
>the certificate is valid when I have only md5 and svn presents me sha1?
>
>
[I agree with everything Sussman has said, and I can confirm that neon
is only giving us the SHA-1 fingerprint, although it does not seem to be
documented anywhere.]
There are two problems here. The first is that Subversion does not
specify that it's displaying the SHA-1 fingerprint (although you tell in
a hackish way by the different fingerprint size), and the second is that
tinyca (which I know nothing about, btw) does not show you the SHA-1
fingerprint. I will work on making Subversion say that it's showing the
SHA-1 fingerprint, but you might want to contact the author of tinyca to
also show the SHA-1 fingerprint as well as the MD5 fingerprint.
In the mean time, you should be able to generate an SHA-1 fingerprint
when you create the certificate using openssl using something like
openssl x509 -in server.crt -noout -fingerprint -sha1
/Tobias
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Feb 28 18:49:51 2005