diff options
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | fetchmail.man | 10 |
2 files changed, 12 insertions, 0 deletions
@@ -254,6 +254,8 @@ fetchmail 6.3.0 (not yet released officially): broken in a 6.2.6-pre, 6.2.5.2 and older were fine. Matthias Andree * Do not break some other process's lockfile in "-q" mode, but wait for the other process's exit. Matthias Andree +* Man page: --sslfingerprint points user to x509(1ssl) and gives an example + how to use it. Debian Bug#213484, Eduard Bloch. (MA) # INTERNAL CHANGES * Switched to automake. Matthias Andree. diff --git a/fetchmail.man b/fetchmail.man index 9343255f..0eec15ea 100644 --- a/fetchmail.man +++ b/fetchmail.man @@ -418,6 +418,16 @@ and the one fetchmail uses to report the fingerprint when an SSL connection is established. When this is specified, fetchmail will compare the server key fingerprint with the given one, and the connection will fail if they do not match. This can be used to prevent man-in-the-middle attacks. +.IP +To obtain the fingerprint of a certificate stored in the file cert.pem, +try: +.sp +.nf + openssl x509 -in cert.pem -noout -fingerprint +.fi +.sp +For details, see +.BR x509 (1ssl). .SS Delivery Control Options .TP .B \-S <hosts> | \-\-smtphost <hosts> |