On 08/11/2014 04:55 PM, Nathan of Guardian wrote: > i've been happily using ChatSecure for iOS for some time. on July > 7th, it warned > me that the TLS cert for talk.google.com had changed. i accepted it and > ended up with the app telling me i now have a cert saved with SHA1 > 96:d7:17:4a:aa:71:6e:85:3f:57:b0:ce:3c:40:64:55:f4:7b:1f. > > i've been trying to verify the hash from the command line, but haven't been > able to. i'm using this one-liner: > === > $ openssl s_client -connect talk.google.com:5223 2>&1 | sed -ne '/-BEGIN > CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -noout -fingerprint > === > it currently spits out: > SHA1 Fingerprint=05:E7:8E:8D:CB:85:04:1F:D2:99:8C:3F:F9:D3:2F:4F:2D:FB:67:39 > > does anybody have a recipe for generating an SH1 that matches the > 96:d7:17:4a:aa:71:6e:85:3f:57:b0:ce:3c:40:64:55:f4:7b:1f one that > ChatSecure stored or can anybody tell me what i'm dong wrong?
I think you want to try talk.l.google.com possibly, using port 5222. It is "starttls" Here is some java code that can help fetch certs: https://github.com/binaryparadox/JabberPinFetch You can also run tests here: https://xmpp.net/result.php?domain=gmail.com&type=client _______________________________________________ Guardian-dev mailing list Post: [email protected] List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: [email protected] Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/archive%40mail-archive.com You are subscribed as: [email protected]
