From 6c48e52f16a0f0e4a23deeb9e4033fb731bc4521 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Sun, 30 Oct 2005 20:09:57 +0000 Subject: Man page: --sslfingerprint points user to x509(1ssl) and gives an example how to use it. Debian Bug#213484, Eduard Bloch. svn path=/trunk/; revision=4378 --- NEWS | 2 ++ fetchmail.man | 10 ++++++++++ 2 files changed, 12 insertions(+) diff --git a/NEWS b/NEWS index f9da8853..f79f7ec4 100644 --- a/NEWS +++ b/NEWS @@ -254,6 +254,8 @@ fetchmail 6.3.0 (not yet released officially): broken in a 6.2.6-pre, 6.2.5.2 and older were fine. Matthias Andree * Do not break some other process's lockfile in "-q" mode, but wait for the other process's exit. Matthias Andree +* Man page: --sslfingerprint points user to x509(1ssl) and gives an example + how to use it. Debian Bug#213484, Eduard Bloch. (MA) # INTERNAL CHANGES * Switched to automake. Matthias Andree. diff --git a/fetchmail.man b/fetchmail.man index 9343255f..0eec15ea 100644 --- a/fetchmail.man +++ b/fetchmail.man @@ -418,6 +418,16 @@ and the one fetchmail uses to report the fingerprint when an SSL connection is established. When this is specified, fetchmail will compare the server key fingerprint with the given one, and the connection will fail if they do not match. This can be used to prevent man-in-the-middle attacks. +.IP +To obtain the fingerprint of a certificate stored in the file cert.pem, +try: +.sp +.nf + openssl x509 -in cert.pem -noout -fingerprint +.fi +.sp +For details, see +.BR x509 (1ssl). .SS Delivery Control Options .TP .B \-S | \-\-smtphost -- cgit v1.2.3