Replace cert hash with SPKI
With LetsEncrypt and ACME, certificates are limited to 90 days. There is some probability that the private key used will have a longer life-time in XMPP-land. Therefore, please anchor the server identity on the SPKI and not on the cert hash.
- Revision ef84a109 by mathieui on 2017-10-09T22:52:44Z:
Fix #3190 (TOFU the SPKI hash and not the whole cert) Makes letsencrypt renewals more pleasant. Thanks jonasw and aioxmpp for the ASN.1 wizardry