Hi, first of all, a big thank-you to the Icinga team (and VW :-)) for the new On-Demand signing feature and CA Proxy. Quite exactly what I was waiting for, given the fact that I'm running a couple of multi-level Icinga 2 setups.
However, in my current lab experiments with the new features I'm stuck at a point where I want/need to verify the fingerprints of CSRs submitted to the CA, but ... how? The fingerprint shown with 'icinga2 ca list' looks like an SHA256 hash of something. But unfortunately I can't find out what it is an SHA256 hash of, and so I can't verify the requests ... which is even worse as the goal is to automate the process altogether. On the other hand, even with manual verification there's still the problem that I need to compare it to something, and the only thing I have is the fingerprint (and host name/timestamp) 'icinga2 ca list' gives me. Any hints where I can look? Best regards, Peter. _______________________________________________ icinga-users mailing list icinga-users@lists.icinga.org https://lists.icinga.org/mailman/listinfo/icinga-users
