Verschlüsselte Verbindungen, ob imap, smtp, pop oder web sind nur solange sicher, wie verifiziert werden kann, dass sich der mit einem Zertifikat meldende Server tatsächlich unseren Erwartungen entspricht und nicht etwa ein ‘man-in-the-middle’ die vermeintlich verschluesselte Verbindung belauscht. Zu diesem Zweck gibt es nachfolgend eine Auflistung der von uns auf unseren Servern eingesetzten Zertifikate- und deren Fingerprints.

Überprüft es selbst:

Wenn Ihr unseren PGP-Key in Eurem Schlüsselring habt, könnt Ihr die PGP-Signatur unter der Zertifikatsliste einfach überprüfen:

curl --silent https://so36.net/basics/zertifikate | gpg

Die Fingerprints der einzelnen Server vergleicht Ihr dann, indem Ihr zum Beispiel in Eurem Browser auf das Vorhängeschloss in der Adressleiste klickt und dort “weitere Informationen” zum Zertifikat bzw. zur Netzwerkverbindung anfordert.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

[
  {
    "subject_CN": "rage.so36.net",
    "subjectAltName": "DNS:imap.mail36.net, DNS:imap.so36.net, DNS:mail.mail36.net, DNS:mail.so36.net, DNS:pop.mail36.net, DNS:pop.so36.net, DNS:pop3.mail36.net, DNS:pop3.so36.net, DNS:rage.so36.net, DNS:smtp.mail36.net, DNS:smtp.so36.net",
    "serial": "032C77624941740F79984E57F2DCBC091F18",
    "fingerprint_sha1": "c80569ceb3be5c2782a03dccfc1ff261e38cff34",
    "fingerprint_sha256": "b13ff3d97301899503f8cdd568aaf1648ca1f277f625288e0171ed6e45f274d0",
    "not_before": "2021-07-31 01:00:11 UTC",
    "not_after": "2021-10-29 01:00:09 UTC",
    "issuer_CN": "R3"
  },
  {
    "subject_CN": "webmail.so36.net",
    "subjectAltName": "DNS:webmail.so36.net",
    "serial": "043FA9CCA31F0E3108969659ED27725A408F",
    "fingerprint_sha1": "0e9f94a1c24c4ef7091397b66bcb9276076bc87d",
    "fingerprint_sha256": "bd2cd145e26034fcf03b9965d3992143e2c7e242c0dbdf4df026693f1d0df652",
    "not_before": "2021-07-16 00:59:19 UTC",
    "not_after": "2021-10-14 00:59:17 UTC",
    "issuer_CN": "R3"
  },
  {
    "subject_CN": "www.so36.net",
    "subjectAltName": "DNS:so36.net, DNS:www.so36.net",
    "serial": "03FD6E8A7C239FD412F5F15F582DAF3627B1",
    "fingerprint_sha1": "9da6c147e1cf7f3e1585dcc09c305367e8295f82",
    "fingerprint_sha256": "a39e4a3f324e80eaa042f52fdbd3f0d26483eb09d14565af860cd5541a4be362",
    "not_before": "2021-07-11 02:25:19 UTC",
    "not_after": "2021-10-09 02:25:18 UTC",
    "issuer_CN": "R3"
  },
  {
    "subject_CN": "ftp.so36.net",
    "subjectAltName": "DNS:ftp.so36.net",
    "serial": "04A426B23A0BDBD0B6E68B22DEF5BA622BB1",
    "fingerprint_sha1": "8285a0019c919d8e296d6dd41860faf04803a06c",
    "fingerprint_sha256": "9eb853f28088490949c5afdf5ad90bc9060329ddeb49353e2ee4162fa702e1df",
    "not_before": "2021-08-30 02:21:19 UTC",
    "not_after": "2021-11-28 02:21:18 UTC",
    "issuer_CN": "R3"
  },
  {
    "subject_CN": "openpgpkey.so36.net",
    "subjectAltName": "DNS:openpgpkey.so36.net",
    "serial": "0322E3CDC8669E8B9F5906B232C539F82B4C",
    "fingerprint_sha1": "3c9903c471290984f04db23ae5d71d8744b20fb5",
    "fingerprint_sha256": "824044fd929b0594fc37daa8df374bd97457db20d8c723c22d15650651a50e5e",
    "not_before": "2021-07-14 02:21:49 UTC",
    "not_after": "2021-10-12 02:21:48 UTC",
    "issuer_CN": "R3"
  },
  {
    "subject_CN": "autoconfig.mail36.net",
    "subjectAltName": "DNS:autoconfig.mail36.net",
    "serial": "030095DF5EC215778993D78969009C1F133F",
    "fingerprint_sha1": "c1ebdb5808724fdab8d69678a4aad31c31668759",
    "fingerprint_sha256": "2039c699ea2eeccbae1040d0b637c92b94aabee99a87caa605810ab1749083b4",
    "not_before": "2021-07-04 02:26:03 UTC",
    "not_after": "2021-10-02 02:26:02 UTC",
    "issuer_CN": "R3"
  },
  {
    "subject_CN": "autoconfig.so36.net",
    "subjectAltName": "DNS:autoconfig.so36.net",
    "serial": "043B1526539F246D0CE3327FF4140AD87BA2",
    "fingerprint_sha1": "be14447be4aa8e9f3522077fbf1da63776573abe",
    "fingerprint_sha256": "70d25aad69af6802e4df2b344d8745ae83a0b71f167acc1f72e671bff4e01efa",
    "not_before": "2021-07-16 02:21:18 UTC",
    "not_after": "2021-10-14 02:21:16 UTC",
    "issuer_CN": "R3"
  },
  {
    "subject_CN": "codecoop.org",
    "subjectAltName": "DNS:codecoop.org, DNS:git.codecoop.org",
    "serial": "0437C41E26040394768727259C75A14B6381",
    "fingerprint_sha1": "2a71abcfc61e2d50ef2d176b561946c015aab9f3",
    "fingerprint_sha256": "dc42649f04036dd06f680e980883237a72915d54ef4b8ec7ab4d58ccc845240b",
    "not_before": "2021-08-02 02:28:21 UTC",
    "not_after": "2021-10-31 02:28:19 UTC",
    "issuer_CN": "R3"
  },
  {
    "subject_CN": "jabber.so36.net",
    "subjectAltName": "DNS:jabber.so36.net",
    "serial": "0451DE57C976C41AC8E82DF50D5861DC8981",
    "fingerprint_sha1": "2cdc21d8c1f45bf65ecc9d7e01945115ae97801d",
    "fingerprint_sha256": "3e2d709a7438c424ad1d834c41c4aa3f4ad5084145677c97a481e0daf4907937",
    "not_before": "2021-08-04 22:21:13 UTC",
    "not_after": "2021-11-02 22:21:11 UTC",
    "issuer_CN": "R3"
  },
  {
    "subject_CN": "talk36.net",
    "subjectAltName": "DNS:talk36.net",
    "serial": "031426CCDC48993212B9567178AB0CAB14F1",
    "fingerprint_sha1": "82e06b55d7bd26bb2bd9f443b4f6399029c0effb",
    "fingerprint_sha256": "833291cf964b9b3395e6aeaa9ed4f0abfe8183b9b4664bfb1195e05ef3639be8",
    "not_before": "2021-07-26 22:21:13 UTC",
    "not_after": "2021-10-24 22:21:11 UTC",
    "issuer_CN": "R3"
  },
  {
    "subject_CN": "lists36.net",
    "subjectAltName": "DNS:lists36.net",
    "serial": "0490254A83C2684CE8BBB189628F4C470288",
    "fingerprint_sha1": "3bf168c5c31b8ee34659d2e298d8fa1dafe0d2f7",
    "fingerprint_sha256": "f60fef9968315bb55d3fd3bbd050094babf817a9d32994ef0b905c79acc722ea",
    "not_before": "2021-08-07 02:21:19 UTC",
    "not_after": "2021-11-05 02:21:17 UTC",
    "issuer_CN": "R3"
  }
]
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQSDoigSDlA4bE4QVE98SGyEXcMpawUCYS31JQAKCRB8SGyEXcMp
a8DzAP9VtrscfmXD+oK86hSni+mBFpRDMdSBsSOX9tt9uWNnzgEAhtnkffmJbyGO
SF44alAwOxPEnciK0+MS3J/kGHdeowM=
=vHhF
-----END PGP SIGNATURE-----