On Mon, Oct 07, 2013 at 09:06:09AM -0400, Dan Langille wrote:
> ># cat /usr/local/etc/postfix-config/main/relay_clientcerts
> >3A:2E:AB:6A:F1:D4:32:74:C9:C6:DD:2B:8D:2A:87:97 cliff.example.org
> >
> >This looks like md5, and while still largely resistant to 2nd
> >preimage attacks, you should still avoid it.
>
> It is indeed MD5. I've changed to sha1 and obtained the new
> fingerprint via:
>
> openssl x509 -noout -in cliff.example.org.crt -fingerprint
>
Don't forget:
main.cf:
smtpd_tls_fingerprint_digest = sha1
--
Viktor.
