On Sat, Oct 23, 2010 at 21:00:51 -0600, Joseph wrote: > I get: > 578d5c04 > SHA1 Fingerprint=D2:32:09:AD:23:D3:14:23:21:74:E4:0D:7F:9D:62:13:97:86:63:3A > > So this seems to be correct.
Yes, you have the correct fingerprint, but your hash is different than mine... > > It seems to I have them all: > ls -l /etc/ssl/certs/ | grep -i quifax > > lrwxrwxrwx 1 root root 33 Oct 10 23:11 4597689c.0 -> > Equifax_Secure_eBusiness_CA_2.pem > lrwxrwxrwx 1 root root 21 Oct 10 23:11 578d5c04.0 -> > Equifax_Secure_CA.pem > lrwxrwxrwx 1 root root 33 Oct 10 23:11 79ad8b43.0 -> > Equifax_Secure_eBusiness_CA_1.pem > lrwxrwxrwx 1 root root 38 Oct 10 23:11 ef2f636c.0 -> > Equifax_Secure_Global_eBusiness_CA.pem Yes, you have the same ones I have -- but once again, the hashes are all different from mine. The hashes are used by the openssl library as it builds the certificate chain, so this might be a clue to the underlying cause of your problems.... Hmm, I see from the bottom of the current "openssl x509" man page: http://www.openssl.org/docs/apps/x509.html that the default hash format has changed as of OpenSSL 1.0.0. So, I'm wondering if you have v1.0.0 of the openssl tools installed, but fetchmail is still linked against libssl v0.9.8, or something like that? Nathan
