SSL Certificate
Site Certificate
Here is a text copy of the SSL certificate which belongs to this site:
-----BEGIN CERTIFICATE----- MIID6TCCA1KgAwIBAgIJAKdafQ+lh4DDMA0GCSqGSIb3DQEBBQUAMIGqMQswCQYD VQQGEwJVSzERMA8GA1UECBMIU2NvdGxhbmQxEjAQBgNVBAcTCUVkaW5idXJnaDEe MBwGA1UEChMVRGViaWFuIEFkbWluaXN0cmF0aW9uMSYwJAYDVQQDEx13d3cuZGVi aWFuLWFkbWluaXN0cmF0aW9uLm9yZzEsMCoGCSqGSIb3DQEJARYdc3NsQGRlYmlh bi1hZG1pbmlzdHJhdGlvbi5vcmcwHhcNMDgwNjI1MTUxNjQzWhcNMDkwNjI1MTUx NjQzWjCBqjELMAkGA1UEBhMCVUsxETAPBgNVBAgTCFNjb3RsYW5kMRIwEAYDVQQH EwlFZGluYnVyZ2gxHjAcBgNVBAoTFURlYmlhbiBBZG1pbmlzdHJhdGlvbjEmMCQG A1UEAxMdd3d3LmRlYmlhbi1hZG1pbmlzdHJhdGlvbi5vcmcxLDAqBgkqhkiG9w0B CQEWHXNzbEBkZWJpYW4tYWRtaW5pc3RyYXRpb24ub3JnMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQDGiduieJLpVTd7nYp93mzIY0su8nTEMesqvStGxdfqX/QT H2waMTFgH3b17VPOoXvJlebpXPNE9+XPwYNpt1S3/oNxNfbhSwpNpFvDHIuff/s6 Vdjz+dfPl/plR9ioWv00OrTmmLPtZcdhnFKvhtAjIIPLe0dEUxLLDNw5cpOZTQID AQABo4IBEzCCAQ8wHQYDVR0OBBYEFETCGeh7GWkpk6vOT2UJ3EWf4YbBMIHfBgNV HSMEgdcwgdSAFETCGeh7GWkpk6vOT2UJ3EWf4YbBoYGwpIGtMIGqMQswCQYDVQQG EwJVSzERMA8GA1UECBMIU2NvdGxhbmQxEjAQBgNVBAcTCUVkaW5idXJnaDEeMBwG A1UEChMVRGViaWFuIEFkbWluaXN0cmF0aW9uMSYwJAYDVQQDEx13d3cuZGViaWFu LWFkbWluaXN0cmF0aW9uLm9yZzEsMCoGCSqGSIb3DQEJARYdc3NsQGRlYmlhbi1h ZG1pbmlzdHJhdGlvbi5vcmeCCQCnWn0PpYeAwzAMBgNVHRMEBTADAQH/MA0GCSqG SIb3DQEBBQUAA4GBAECExBZTjVRP0djC7wJJmiq4KjSwhuQtl6y0gtvHF/e0iucH kHtIkLfoE36iu0+eEVx8N40mNs2UMp0999aNQ19NNgYcWeyS/s80A9wvZjlN2ZUm WpDFWCeVXJxDsfz8m3v6Ac+KB12b1iHtLQDMhB4te5gGccmjdoqA+lFXijB+ -----END CERTIFICATE-----
This certificate was obtained by executing:
/usr/bin/openssl s_client -connect localhost:443
Certificate Signature
This certificate is signed by my GPG key, which you can find using your favourite keyserver (or in the debian-keyring package):
-----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.6 (GNU/Linux) owGlVMuO40QUbWYYCRlGaDawRUKwiSBOnO5OVqjKLr/iqk7Zjh1nRfyI34kz8SsR azQSG4TEAg2PL2CB0OxYzAKxQ/wEGxDfACTdatSiGTZdy6t7dO+pe8759OH9k3uP nv/y0/c/aw+/eunbB5+7r3jB4/L9si1l98P2veODSFLIWzzSTUVUeGCiyyqDFUU4 M3ke9MYhaBQIQkUFY3+xpJ0sGggCBqzEGxvJUFxOoAhCOgVYkTaYbhueOgJjUSqh RrWMPdIxGEqgN0U8xMq0T2pfaiM3py1KAIUhsSDwTH5qpQv7NPZn6mohoIDBsLkC RdjSJSte2GKlIDF17axazAjr5SK7sEcVNpxGBY5wGCigtsf5nFfND/3MEaDZtwFa PtrN92iL+fVNCirQHd/jyJZKeubkWcS4cS+aS73CzbO9L6uRL2W1G5/WXu41cuQR LIQNSZQeNqctSejevqyl/9SYy2LCw02CNAzSSzowwrw13bbIBJMr7qHJiyRxOX3r 2Kcp1pUGXdGRGdRk4lzKKmdl7eb9sJUT4F2B1qY4vVrTjSG8tWWCcsxTiTlOBC32 /cO3aPk14IW0Wk0AGximmyiNpVHDQoanyJZnZO8imM5ttXDsQenYenk4VeFx+s6Z 6YXbH1Qup64O91/+WxcMOAgDDCQCBB7GdAxDKkixX8WBqhWW6Z+vnGLE5XvFYbfV cGUiHGw3tVFKrb/czLrUZOR+s8CmGMqc2zu3JhfrWa1mgVvMJgSNOrNJ45Ci7Blc d01asnQjoylIIdaCrFTLZXd7xlh+su/4y0nWLTJ9FK/tmmUvHpt5rk3KuedHK3Fc RyVIFGWiBayPpq2mCaQ59YqLuUkV4UABwPVAgWh/8AMdNvJB35bOXkDoIBGZvBRE 55KdFulZfWH2pyqH7OXAcQ9il5fHazGygVHoe03oG+D/AGtHagpFKm8a6egj5i5G OvqIuYuRjv3MXYx0FBzz34oLeJ7yK3vFTgonAM0e4CMNWccImkAAVO5eC4q5mTQH QUGAeNTCuZlY+oT1E/68UdU83gzGidFEFS2zsx0blrUsdgM2rjyZSeVSSbXlGnFn ccV2AmS1QzJgc7LtT3HBjkajBaG9ESGh49nBzuhuhywYNfU8yUh/Ps0ZuxBEmw+s mdoK2+V+mHP1GfA6Y9jru71YLjUq4AgOyuA0lDwvT/z1BnQycRYnsMNcxioiwu2o ffLB/Qcnxzy+TupH974wTr5+98nbzz757Tn/TvTarz98l/wxK5/uTr589c9vnn32 9K/XX/6Iflyevzn+/Y0f6d8= =5KNA -----END PGP MESSAGE-----
Verifying the certificate
You can verify the validity of this certificate-signature by running the following commands:
wget -q -O- 'http://www.debian-administration.org/about/SSL%20Certificate' | \ gpg --decrypt | \ openssl x509 -fingerprint -subject -out d-a.org.crt
This should give you output which looks something like this:
gpg: Signature made Wed Jun 25 16:12:56 2008 BST using DSA key ID CD4C0D9D gpg: please do a --check-trustdb gpg: Good signature from "Steve Kemp [steve@steve.org.uk]" gpg: aka "Steve Kemp [skx@debian.org]" SHA1 Fingerprint=C8:BF:64:52:DD:57:AB:B5:42:B7:49:ED:98:CE:40:B8:A5:60:E7:68 subject= /C=UK/ST=Scotland/L=Edinburgh/O=Debian Administration/CN=www.debian-administration.org/emailAddress=ssl@debian-administration.org
If you receive errors please do let me know
Mandatory Secure Logins
If you wish to ensure that you always receive a secure connection, a secure login, and that people cannot sniff your traffic in transite you can visit the advanced login page to setup your options.