aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAaron LI <aaronly.me@gmail.com>2016-02-03 14:24:07 +0800
committerAaron LI <aaronly.me@gmail.com>2016-02-03 14:24:07 +0800
commitf65c459b51bd1a1e4453a89512508de74f52e5b1 (patch)
tree3c78007c654103ee3f07d9f0fff500c835bd7e67
parent20bda32d5ec8393fe28422d453207fa261a4b09a (diff)
downloaddotfiles-f65c459b51bd1a1e4453a89512508de74f52e5b1.tar.bz2
Add _bin/get_cert.sh; Update README.md
-rw-r--r--README.md16
-rwxr-xr-x_bin/get_cert.sh39
2 files changed, 54 insertions, 1 deletions
diff --git a/README.md b/README.md
index 5f4f6f9..eec35f7 100644
--- a/README.md
+++ b/README.md
@@ -7,15 +7,29 @@ Personal & collected dotfiles ~~~
* `freebsd`: FreeBSD-specific configurations
+# Configuration Notes
+
+## Gmail IMAP
+* 'Auto-Expunge' => off: for better performance
+
+## msmtp: TLS
+* ``tls_fingerprint``:
+ ``$ msmtp --serverinfo --tls --tls-certcheck=off --host=<host>``
+
+## offlineimap: fingerprint
+Use the little script ``_bin/get_cert.sh``
+
# Explicit home or other path
Following files contains (at least currently) the *explicit*
home or other paths:
+* ``_notmuch-config``: database.path
* ``_config/alot/config``: maildir
+
Distributed under MIT License.
Aaron LI
-GnuPG key: Aaron LI <aaronly.me@gmail.com>
+GnuPG key: Aaron LI <aaronly.me@gmail.com> <aaronly.me@outlook.com>
Fingerprint: AC34 64FA DAAE 6321 8609 9CA6 240E 2A63 5D72 729A
diff --git a/_bin/get_cert.sh b/_bin/get_cert.sh
new file mode 100755
index 0000000..3cf44d1
--- /dev/null
+++ b/_bin/get_cert.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+#
+# Get the certificate of a server
+#
+# Reference:
+# [1] ArchWiki - Isync
+# https://wiki.archlinux.org/index.php/Isync
+#
+# Aaron LI
+# Created: 2016-01-30
+#
+
+if [ $# -ne 1 ] && [ $# -ne 2 ]; then
+ echo "Usage:"
+ echo " `basename $0` <host>:<port> [ output.pem ]"
+ exit 1
+fi
+
+SERVER="$1"
+HOST=`echo "${SERVER}" | cut -d':' -f1`
+PORT=`echo "${SERVER}" | cut -d':' -f2`
+PEM="$2"
+[ -z "${PEM}" ] && PEM="${HOST}.pem"
+
+openssl s_client -connect ${HOST}:${PORT} -showcerts 2>&1 < /dev/null | \
+ sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | \
+ sed -ne '1,/-END CERTIFICATE-/p' > ${PEM}
+
+FINGERPRINT=`openssl x509 -noout -in ${PEM} -fingerprint -sha1 | cut -d'=' -f2`
+FINGERPRINT2=`echo "${FINGERPRINT}" | tr -d ':' | tr '[[:upper:]]' '[[:lower:]]'`
+
+NOT_BEFORE=`openssl x509 -noout -in ${PEM} -dates | grep 'notBefore' | cut -d'=' -f2`
+NOT_AFTER=`openssl x509 -noout -in ${PEM} -dates | grep 'notAfter' | cut -d'=' -f2`
+
+echo "Fingerprint_SHA1: ${FINGERPRINT} / ${FINGERPRINT2}"
+echo "Validity: ${NOT_BEFORE} - ${NOT_AFTER}"
+echo "Certificate save to file: ${PEM}"
+echo "Place the certificate to a cert directory, and rehash with 'c_rehash'"
+