I set up and tested an ejabberd-server. Ejabberd creates a SSL-Certificate itself during installation. Unfortunately I did not find any tutorial about how to get its fingerprint.
this documentation shows how to create a certificate, but not how to show its fingerprint.
I tried some commands I found. like
openssl pkcs8 -in /etc/ejabberd/ejabberd.pem -inform PEM -outform DER -topk8 -nocrypt | openssl sha1 -c
or
openssl rsa -in /etc/ejabberd/ejabberd.pem -pubout -outform DER | openssl SHA1 -c
and
ec2fp /etc/ejabberd/ejabberd.pem
When I connect to the ejabberd-server with pidgin, and select show certificate it shows me a SHA1 fingerprint that is different from all fingerprints I had got while testing the commands above.
I am pretty sure that this is no man-in-the-middle because this is happening in my lan-test-environment.
Can someone please tell me, what is the correct command to get the ejabberd-SSL-Certificate's fingerprint?
