Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
poezio
poezio
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 204
    • Issues 204
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 9
    • Merge Requests 9
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • poezio
  • poeziopoezio
  • Issues
  • #3531

Closed
Open
Opened Sep 16, 2020 by Maxime Buquet@ppjetMaintainer

Improve certificate verification

Certificate verification is awkward in poezio. From what I understand we're keeping track of the private key's fingerprint? And I don't know how we ensure anything about the trustchain, if we do.

When things don't match our expectations we show a dialog with this fingerprint, that doesn't correspond to something that is easily retrievable and seems to confuse users (me included).

In the meantime, this has been given in the channel a few years ago to try and get close to that fingerprint. (See logs at 20171009T09:53:33Z).

echo | openssl s_client -connect your.server:5222 -starttls xmpp | openssl x509 -noout -in certificate.pem -pubkey | openssl asn1parse -noout -inform pem -out public.key; openssl dgst -sha256 -binary public.key | openssl enc -base64
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: poezio/poezio#3531