Between a rock and a crazy place

Heartbleed: New certificates

10 Apr 2014

Due to the Heartbleed vulnerability I had to recreate all TLS-keys of my server. Since CACert appears to be mostly dead (or dying at least), I am currently on the lookout for a new CA. In the meantime I switched to self-signed certificates for all my services.

The new fingerprints are:

Service SHA1-Fingerprint
merovius.de 8C:85:B1:9E:37:92:FE:C9:71:F6:0E:C6:9B:25:9C:CD:30:2B:D5:35
blog.merovius.de 1B:DB:45:11:F3:EE:66:8D:3B:DF:63:B9:7C:D9:FC:26:A4:D1:E1:B8
git.merovius.de 65:51:16:25:1A:9E:50:B2:F7:D7:8A:2B:77:DE:DE:0C:02:3C:6C:ED
smtp (mail.merovius.de) 1F:E5:3F:9D:EE:B4:47:AE:2E:02:D8:2C:1E:2A:6C:FC:D6:62:99:F4
jabber (merovius.de) 15:64:29:49:82:0E:8B:76:47:1A:19:5B:98:6F:E4:56:24:D9:69:07

This is of course useless in the general case, but if you already trust my gpg-key, you can use

curl http://blog.merovius.de/2014/04/10/heartbleed-new-certificates.html | gpg

to get this post signed and verified.