Last active
May 26, 2024 18:45
-
-
Save guitarrapc/8e6b68f21bc1eef8e7b66bde477d5859 to your computer and use it in GitHub Desktop.
Get Thumbprint of GitHub OIDC, updated on 2022/01/13.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ openssl s_client -servername token.actions.githubusercontent.com -showcerts -connect token.actions.githubusercontent.com:443 < /dev/null 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sed "0,/-END CERTIFICATE-/d" > certificate.crt | |
$ openssl x509 -in certificate.crt -fingerprint -noout | cut -f2 -d'=' | tr -d ':' | tr '[:upper:]' '[:lower:]' | |
6938fd4d98bab03faadb97b34396831e3780aea1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-----BEGIN CERTIFICATE----- | |
MIIE6jCCA9KgAwIBAgIQCjUI1VwpKwF9+K1lwA/35DANBgkqhkiG9w0BAQsFADBh | |
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 | |
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD | |
QTAeFw0yMDA5MjQwMDAwMDBaFw0zMDA5MjMyMzU5NTlaME8xCzAJBgNVBAYTAlVT | |
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTAnBgNVBAMTIERpZ2lDZXJ0IFRMUyBS | |
U0EgU0hBMjU2IDIwMjAgQ0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC | |
AQEAwUuzZUdwvN1PWNvsnO3DZuUfMRNUrUpmRh8sCuxkB+Uu3Ny5CiDt3+PE0J6a | |
qXodgojlEVbbHp9YwlHnLDQNLtKS4VbL8Xlfs7uHyiUDe5pSQWYQYE9XE0nw6Ddn | |
g9/n00tnTCJRpt8OmRDtV1F0JuJ9x8piLhMbfyOIJVNvwTRYAIuE//i+p1hJInuW | |
raKImxW8oHzf6VGo1bDtN+I2tIJLYrVJmuzHZ9bjPvXj1hJeRPG/cUJ9WIQDgLGB | |
Afr5yjK7tI4nhyfFK3TUqNaX3sNk+crOU6JWvHgXjkkDKa77SU+kFbnO8lwZV21r | |
eacroicgE7XQPUDTITAHk+qZ9QIDAQABo4IBrjCCAaowHQYDVR0OBBYEFLdrouqo | |
qoSMeeq02g+YssWVdrn0MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFV | |
MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw | |
EgYDVR0TAQH/BAgwBgEB/wIBADB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGG | |
GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2Nh | |
Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNydDB7BgNV | |
HR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRH | |
bG9iYWxSb290Q0EuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v | |
RGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMDAGA1UdIAQpMCcwBwYFZ4EMAQEwCAYG | |
Z4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAHer | |
t3onPa679n/gWlbJhKrKW3EX3SJH/E6f7tDBpATho+vFScH90cnfjK+URSxGKqNj | |
OSD5nkoklEHIqdninFQFBstcHL4AGw+oWv8Zu2XHFq8hVt1hBcnpj5h232sb0HIM | |
ULkwKXq/YFkQZhM6LawVEWwtIwwCPgU7/uWhnOKK24fXSuhe50gG66sSmvKvhMNb | |
g0qZgYOrAKHKCjxMoiWJKiKnpPMzTFuMLhoClw+dj20tlQj7T9rxkTgl4ZxuYRiH | |
as6xuwAwapu3r9rxxZf+ingkquqTgLozZXq8oXfpf2kUCwA/d5KxTVtzhwoT0JzI | |
8ks5T1KESaZMkE4f97Q= | |
-----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ curl https://token.actions.githubusercontent.com/.well-known/openid-configuration | |
$ openssl s_client -servername token.actions.githubusercontent.com -showcerts -connect token.actions.githubusercontent.com:443 < /dev/null | |
CONNECTED(00000003) | |
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA | |
verify return:1 | |
depth=1 C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
verify return:1 | |
depth=0 C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.actions.githubusercontent.com | |
verify return:1 | |
--- | |
Certificate chain | |
0 s:C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.actions.githubusercontent.com | |
i:C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
-----BEGIN CERTIFICATE----- | |
MIIG9jCCBd6gAwIBAgIQCFCR4fqbkQJJbzQZsc87qzANBgkqhkiG9w0BAQsFADBP | |
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE | |
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjAxMTEwMDAwMDBa | |
Fw0yMzAxMTEyMzU5NTlaMHsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y | |
bmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIElu | |
Yy4xKDAmBgNVBAMMHyouYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wggEi | |
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcHl5GgNgXYUI5Zz085Ar9wSiI | |
gdDnOkaXof2u3pcJ1138Tlz6aheVqXfJ8MOAups0LTr9j/dTHAGWKQz0qdyUdYIJ | |
FwiOlkmphoP+a4xVJXbdVVN7qvmfV8f0YnG5oGVyx9hDl/30JReVIYPbC8JNSiIW | |
2jMYnjqPu41tPclNNroW9K8gJUzT/WE4LRHohOmR1GbC1xQ8YlFS6pFs+Xuznou8 | |
TzO8PsXRdaDe/7pYZgR/Otv5XLY5siCBraMuxtj1g4Z/Tz8d2Z+sMPIxtHZjxmcu | |
LPfIix6cARSpJFgGF7Yh9vgLK9jEkgfuU1Nnshv7S6ylIn5SfHNToQjCRSPJAgMB | |
AAGjggOgMIIDnDAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNV | |
HQ4EFgQUibMM9Yecb/WbuZDkxiGVR39k0QMwSQYDVR0RBEIwQIIfKi5hY3Rpb25z | |
LmdpdGh1YnVzZXJjb250ZW50LmNvbYIdYWN0aW9ucy5naXRodWJ1c2VyY29udGVu | |
dC5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF | |
BQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpodHRwOi8vY3JsMy5kaWdpY2VydC5j | |
b20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMECgPqA8hjpodHRw | |
Oi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0Ex | |
LTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6 | |
Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUH | |
MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDov | |
L2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENB | |
MS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA | |
dQCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAX5IjyPvAAAEAwBG | |
MEQCIDxMGruNl33xLmOdh2UdMxA3aiuIX3vgeXSuXRce6sqBAiApoOxk2sfxfZdw | |
cMxXuM0B8bfgGiQ7IlG14wRa7KQioAB3ADXPGRu/sWxXvw+tTG1Cy7u2JyAmUeo/ | |
4SrvqAPDO9ZMAAABfkiPI8kAAAQDAEgwRgIhAJJmNVWqVfFlQLdX8sbbQ9VmJA5K | |
28ldvwLQpnJopgFzAiEAsGYoIzVOBazT96kGYIuJ3k+Zya7PsFtPVyUbOom55PcA | |
dQCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAX5IjyPnAAAEAwBG | |
MEQCIE0NMqwPjqYJwxYqrh7CVueH1rWvKYvRj8cvv3fr7Ku5AiBGFfeJ+Nsy3VCW | |
TAih+ito29SvJ0TJrDsyHy3PhkmZ6jANBgkqhkiG9w0BAQsFAAOCAQEAih09kwU8 | |
8j/R3/xDkV/2Td/ZbgzUPrrjnMqL32Kv8zqPb0AnaOZbA9XqMuQimLDPqr7fTtKR | |
BRhXStaNT5s7zZm3g9P+Xsxl2XSiuTbR0Y9MOmfgWA0Jv3vw8zq/etdGBrV0stQ/ | |
JB2GKteYl9hP7eOj0xaNg/ylaCDONG084lqVlugggmsW9RgN3zAESmALahezuzlN | |
G5asPhNDCIRyo3mm0hHCV4/Kvoura/bGVkc7Wkk6q/cplN5VCSq9wYk2ugEaxsc1 | |
YeqXpxQtRVJTF/UtuNpWS+Tp1COx3DiaoTjCmEImSzYarfZ7QIMR9opxJEPAB52h | |
s/oLX5ruUXwvIw== | |
-----END CERTIFICATE----- | |
1 s:C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA | |
-----BEGIN CERTIFICATE----- | |
MIIE6jCCA9KgAwIBAgIQCjUI1VwpKwF9+K1lwA/35DANBgkqhkiG9w0BAQsFADBh | |
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 | |
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD | |
QTAeFw0yMDA5MjQwMDAwMDBaFw0zMDA5MjMyMzU5NTlaME8xCzAJBgNVBAYTAlVT | |
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTAnBgNVBAMTIERpZ2lDZXJ0IFRMUyBS | |
U0EgU0hBMjU2IDIwMjAgQ0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC | |
AQEAwUuzZUdwvN1PWNvsnO3DZuUfMRNUrUpmRh8sCuxkB+Uu3Ny5CiDt3+PE0J6a | |
qXodgojlEVbbHp9YwlHnLDQNLtKS4VbL8Xlfs7uHyiUDe5pSQWYQYE9XE0nw6Ddn | |
g9/n00tnTCJRpt8OmRDtV1F0JuJ9x8piLhMbfyOIJVNvwTRYAIuE//i+p1hJInuW | |
raKImxW8oHzf6VGo1bDtN+I2tIJLYrVJmuzHZ9bjPvXj1hJeRPG/cUJ9WIQDgLGB | |
Afr5yjK7tI4nhyfFK3TUqNaX3sNk+crOU6JWvHgXjkkDKa77SU+kFbnO8lwZV21r | |
eacroicgE7XQPUDTITAHk+qZ9QIDAQABo4IBrjCCAaowHQYDVR0OBBYEFLdrouqo | |
qoSMeeq02g+YssWVdrn0MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFV | |
MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw | |
EgYDVR0TAQH/BAgwBgEB/wIBADB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGG | |
GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2Nh | |
Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNydDB7BgNV | |
HR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRH | |
bG9iYWxSb290Q0EuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v | |
RGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMDAGA1UdIAQpMCcwBwYFZ4EMAQEwCAYG | |
Z4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAHer | |
t3onPa679n/gWlbJhKrKW3EX3SJH/E6f7tDBpATho+vFScH90cnfjK+URSxGKqNj | |
OSD5nkoklEHIqdninFQFBstcHL4AGw+oWv8Zu2XHFq8hVt1hBcnpj5h232sb0HIM | |
ULkwKXq/YFkQZhM6LawVEWwtIwwCPgU7/uWhnOKK24fXSuhe50gG66sSmvKvhMNb | |
g0qZgYOrAKHKCjxMoiWJKiKnpPMzTFuMLhoClw+dj20tlQj7T9rxkTgl4ZxuYRiH | |
as6xuwAwapu3r9rxxZf+ingkquqTgLozZXq8oXfpf2kUCwA/d5KxTVtzhwoT0JzI | |
8ks5T1KESaZMkE4f97Q= | |
-----END CERTIFICATE----- | |
--- | |
Server certificate | |
subject=C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.actions.githubusercontent.com | |
issuer=C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
--- | |
No client certificate CA names sent | |
Peer signing digest: SHA256 | |
Peer signature type: RSA-PSS | |
Server Temp Key: ECDH, P-384, 384 bits | |
--- | |
SSL handshake has read 3854 bytes and written 485 bytes | |
Verification: OK | |
--- | |
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 | |
Server public key is 2048 bit | |
Secure Renegotiation IS supported | |
Compression: NONE | |
Expansion: NONE | |
No ALPN negotiated | |
SSL-Session: | |
Protocol : TLSv1.2 | |
Cipher : ECDHE-RSA-AES256-GCM-SHA384 | |
Session-ID: 4C50FF4BC6477E099C9A4CACE6222BB0522842E9B123D53015D48486912CFE6C | |
Session-ID-ctx: | |
Master-Key: 886D9942CA50B8C12502A9FED7B65ADA854AF7E716A30BF3C4A635F24EEAFF636EDE536EA741A3A767107CE3C5FDDB04 | |
PSK identity: None | |
PSK identity hint: None | |
SRP username: None | |
TLS session ticket lifetime hint: 36000 (seconds) | |
TLS session ticket: | |
0000 - 00 00 00 00 99 65 c2 71-5b 5c 53 4f 9b 4f 35 86 .....e.q[\SO.O5. | |
0010 - b3 82 a6 9e 4c e1 ae de-2f c1 33 df 99 53 cb 3f ....L.../.3..S.? | |
0020 - ee 3a 38 43 78 ed e4 1a-ce ba a3 44 c5 0c 52 fa .:8Cx......D..R. | |
0030 - 88 9b 37 03 9e a6 80 1b-f1 44 4a 33 c7 cc 8c 8b ..7......DJ3.... | |
0040 - d1 af 4f b9 d5 35 34 30-04 61 42 8e df e3 37 14 ..O..540.aB...7. | |
0050 - 68 a7 59 6c 28 82 f5 91-df 63 a8 59 ab f3 69 cc h.Yl(....c.Y..i. | |
0060 - 8c c6 4e 46 28 e4 51 ac-d6 72 d1 6d 08 cf 17 a7 ..NF(.Q..r.m.... | |
0070 - 25 40 dc 25 4f c6 a4 8c-fc de 3b c6 66 66 32 a9 %@.%O.....;.ff2. | |
0080 - 6b f7 6a 9f a4 d5 22 03-86 b3 2e bb 84 92 2c a1 k.j...".......,. | |
0090 - 9e 68 24 07 44 6a 4a 66-f0 99 0c 40 c0 6b 17 83 [email protected].. | |
00a0 - 44 2c 96 61 0f 73 f9 43-e1 b6 27 80 3c ec 32 69 D,.a.s.C..'.<.2i | |
00b0 - be 0b 68 d7 41 5f 92 98-41 d6 49 38 1c 21 49 6c ..h.A_..A.I8.!Il | |
00c0 - 20 42 24 12 d4 74 5e be-aa 19 45 7d b1 ee 8f 83 B$..t^...E}.... | |
00d0 - c8 be 3f f7 ca 8d 7b 61-53 c9 06 98 cb db bd ac ..?...{aS....... | |
00e0 - c6 fa d6 8e 46 52 f6 8f-97 2d 53 93 48 51 43 3b ....FR...-S.HQC; | |
00f0 - 65 37 c2 2e c3 d1 01 1e-c2 b5 39 ed c7 a1 0f 1e e7........9..... | |
0100 - 5b f1 21 f4 [.!. | |
Start Time: 1642036537 | |
Timeout : 7200 (sec) | |
Verify return code: 0 (ok) | |
Extended master secret: yes | |
--- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ openssl s_client -servername token.actions.githubusercontent.com -connect token.actions.githubusercontent.com:443 < /dev/null | openssl x509 -text | |
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA | |
verify return:1 | |
depth=1 C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
verify return:1 | |
depth=0 C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.actions.githubusercontent.com | |
verify return:1 | |
DONE | |
Certificate: | |
Data: | |
Version: 3 (0x2) | |
Serial Number: | |
08:50:91:e1:fa:9b:91:02:49:6f:34:19:b1:cf:3b:ab | |
Signature Algorithm: sha256WithRSAEncryption | |
Issuer: C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
Validity | |
Not Before: Jan 11 00:00:00 2022 GMT | |
Not After : Jan 11 23:59:59 2023 GMT | |
Subject: C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.actions.githubusercontent.com | |
Subject Public Key Info: | |
Public Key Algorithm: rsaEncryption | |
RSA Public-Key: (2048 bit) | |
Modulus: | |
00:9c:1e:5e:46:80:d8:17:61:42:39:67:3d:3c:e4: | |
0a:fd:c1:28:88:81:d0:e7:3a:46:97:a1:fd:ae:de: | |
97:09:d7:5d:fc:4e:5c:fa:6a:17:95:a9:77:c9:f0: | |
c3:80:ba:9b:34:2d:3a:fd:8f:f7:53:1c:01:96:29: | |
0c:f4:a9:dc:94:75:82:09:17:08:8e:96:49:a9:86: | |
83:fe:6b:8c:55:25:76:dd:55:53:7b:aa:f9:9f:57: | |
c7:f4:62:71:b9:a0:65:72:c7:d8:43:97:fd:f4:25: | |
17:95:21:83:db:0b:c2:4d:4a:22:16:da:33:18:9e: | |
3a:8f:bb:8d:6d:3d:c9:4d:36:ba:16:f4:af:20:25: | |
4c:d3:fd:61:38:2d:11:e8:84:e9:91:d4:66:c2:d7: | |
14:3c:62:51:52:ea:91:6c:f9:7b:b3:9e:8b:bc:4f: | |
33:bc:3e:c5:d1:75:a0:de:ff:ba:58:66:04:7f:3a: | |
db:f9:5c:b6:39:b2:20:81:ad:a3:2e:c6:d8:f5:83: | |
86:7f:4f:3f:1d:d9:9f:ac:30:f2:31:b4:76:63:c6: | |
67:2e:2c:f7:c8:8b:1e:9c:01:14:a9:24:58:06:17: | |
b6:21:f6:f8:0b:2b:d8:c4:92:07:ee:53:53:67:b2: | |
1b:fb:4b:ac:a5:22:7e:52:7c:73:53:a1:08:c2:45: | |
23:c9 | |
Exponent: 65537 (0x10001) | |
X509v3 extensions: | |
X509v3 Authority Key Identifier: | |
keyid:B7:6B:A2:EA:A8:AA:84:8C:79:EA:B4:DA:0F:98:B2:C5:95:76:B9:F4 | |
X509v3 Subject Key Identifier: | |
89:B3:0C:F5:87:9C:6F:F5:9B:B9:90:E4:C6:21:95:47:7F:64:D1:03 | |
X509v3 Subject Alternative Name: | |
DNS:*.actions.githubusercontent.com, DNS:actions.githubusercontent.com | |
X509v3 Key Usage: critical | |
Digital Signature, Key Encipherment | |
X509v3 Extended Key Usage: | |
TLS Web Server Authentication, TLS Web Client Authentication | |
X509v3 CRL Distribution Points: | |
Full Name: | |
URI:http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl | |
Full Name: | |
URI:http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl | |
X509v3 Certificate Policies: | |
Policy: 2.23.140.1.2.2 | |
CPS: http://www.digicert.com/CPS | |
Authority Information Access: | |
OCSP - URI:http://ocsp.digicert.com | |
CA Issuers - URI:http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt | |
X509v3 Basic Constraints: critical | |
CA:FALSE | |
CT Precertificate SCTs: | |
Signed Certificate Timestamp: | |
Version : v1 (0x0) | |
Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A: | |
B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A | |
Timestamp : Jan 11 09:54:07.471 2022 GMT | |
Extensions: none | |
Signature : ecdsa-with-SHA256 | |
30:44:02:20:3C:4C:1A:BB:8D:97:7D:F1:2E:63:9D:87: | |
65:1D:33:10:37:6A:2B:88:5F:7B:E0:79:74:AE:5D:17: | |
1E:EA:CA:81:02:20:29:A0:EC:64:DA:C7:F1:7D:97:70: | |
70:CC:57:B8:CD:01:F1:B7:E0:1A:24:3B:22:51:B5:E3: | |
04:5A:EC:A4:22:A0 | |
Signed Certificate Timestamp: | |
Version : v1 (0x0) | |
Log ID : 35:CF:19:1B:BF:B1:6C:57:BF:0F:AD:4C:6D:42:CB:BB: | |
B6:27:20:26:51:EA:3F:E1:2A:EF:A8:03:C3:3B:D6:4C | |
Timestamp : Jan 11 09:54:07.433 2022 GMT | |
Extensions: none | |
Signature : ecdsa-with-SHA256 | |
30:46:02:21:00:92:66:35:55:AA:55:F1:65:40:B7:57: | |
F2:C6:DB:43:D5:66:24:0E:4A:DB:C9:5D:BF:02:D0:A6: | |
72:68:A6:01:73:02:21:00:B0:66:28:23:35:4E:05:AC: | |
D3:F7:A9:06:60:8B:89:DE:4F:99:C9:AE:CF:B0:5B:4F: | |
57:25:1B:3A:89:B9:E4:F7 | |
Signed Certificate Timestamp: | |
Version : v1 (0x0) | |
Log ID : B3:73:77:07:E1:84:50:F8:63:86:D6:05:A9:DC:11:09: | |
4A:79:2D:B1:67:0C:0B:87:DC:F0:03:0E:79:36:A5:9A | |
Timestamp : Jan 11 09:54:07.463 2022 GMT | |
Extensions: none | |
Signature : ecdsa-with-SHA256 | |
30:44:02:20:4D:0D:32:AC:0F:8E:A6:09:C3:16:2A:AE: | |
1E:C2:56:E7:87:D6:B5:AF:29:8B:D1:8F:C7:2F:BF:77: | |
EB:EC:AB:B9:02:20:46:15:F7:89:F8:DB:32:DD:50:96: | |
4C:08:A1:FA:2B:68:DB:D4:AF:27:44:C9:AC:3B:32:1F: | |
2D:CF:86:49:99:EA | |
Signature Algorithm: sha256WithRSAEncryption | |
8a:1d:3d:93:05:3c:f2:3f:d1:df:fc:43:91:5f:f6:4d:df:d9: | |
6e:0c:d4:3e:ba:e3:9c:ca:8b:df:62:af:f3:3a:8f:6f:40:27: | |
68:e6:5b:03:d5:ea:32:e4:22:98:b0:cf:aa:be:df:4e:d2:91: | |
05:18:57:4a:d6:8d:4f:9b:3b:cd:99:b7:83:d3:fe:5e:cc:65: | |
d9:74:a2:b9:36:d1:d1:8f:4c:3a:67:e0:58:0d:09:bf:7b:f0: | |
f3:3a:bf:7a:d7:46:06:b5:74:b2:d4:3f:24:1d:86:2a:d7:98: | |
97:d8:4f:ed:e3:a3:d3:16:8d:83:fc:a5:68:20:ce:34:6d:3c: | |
e2:5a:95:96:e8:20:82:6b:16:f5:18:0d:df:30:04:4a:60:0b: | |
6a:17:b3:bb:39:4d:1b:96:ac:3e:13:43:08:84:72:a3:79:a6: | |
d2:11:c2:57:8f:ca:be:8b:ab:6b:f6:c6:56:47:3b:5a:49:3a: | |
ab:f7:29:94:de:55:09:2a:bd:c1:89:36:ba:01:1a:c6:c7:35: | |
61:ea:97:a7:14:2d:45:52:53:17:f5:2d:b8:da:56:4b:e4:e9: | |
d4:23:b1:dc:38:9a:a1:38:c2:98:42:26:4b:36:1a:ad:f6:7b: | |
40:83:11:f6:8a:71:24:43:c0:07:9d:a1:b3:fa:0b:5f:9a:ee: | |
51:7c:2f:23 | |
-----BEGIN CERTIFICATE----- | |
MIIG9jCCBd6gAwIBAgIQCFCR4fqbkQJJbzQZsc87qzANBgkqhkiG9w0BAQsFADBP | |
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE | |
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjAxMTEwMDAwMDBa | |
Fw0yMzAxMTEyMzU5NTlaMHsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y | |
bmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIElu | |
Yy4xKDAmBgNVBAMMHyouYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wggEi | |
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcHl5GgNgXYUI5Zz085Ar9wSiI | |
gdDnOkaXof2u3pcJ1138Tlz6aheVqXfJ8MOAups0LTr9j/dTHAGWKQz0qdyUdYIJ | |
FwiOlkmphoP+a4xVJXbdVVN7qvmfV8f0YnG5oGVyx9hDl/30JReVIYPbC8JNSiIW | |
2jMYnjqPu41tPclNNroW9K8gJUzT/WE4LRHohOmR1GbC1xQ8YlFS6pFs+Xuznou8 | |
TzO8PsXRdaDe/7pYZgR/Otv5XLY5siCBraMuxtj1g4Z/Tz8d2Z+sMPIxtHZjxmcu | |
LPfIix6cARSpJFgGF7Yh9vgLK9jEkgfuU1Nnshv7S6ylIn5SfHNToQjCRSPJAgMB | |
AAGjggOgMIIDnDAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNV | |
HQ4EFgQUibMM9Yecb/WbuZDkxiGVR39k0QMwSQYDVR0RBEIwQIIfKi5hY3Rpb25z | |
LmdpdGh1YnVzZXJjb250ZW50LmNvbYIdYWN0aW9ucy5naXRodWJ1c2VyY29udGVu | |
dC5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF | |
BQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpodHRwOi8vY3JsMy5kaWdpY2VydC5j | |
b20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMECgPqA8hjpodHRw | |
Oi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0Ex | |
LTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6 | |
Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUH | |
MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDov | |
L2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENB | |
MS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA | |
dQCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAX5IjyPvAAAEAwBG | |
MEQCIDxMGruNl33xLmOdh2UdMxA3aiuIX3vgeXSuXRce6sqBAiApoOxk2sfxfZdw | |
cMxXuM0B8bfgGiQ7IlG14wRa7KQioAB3ADXPGRu/sWxXvw+tTG1Cy7u2JyAmUeo/ | |
4SrvqAPDO9ZMAAABfkiPI8kAAAQDAEgwRgIhAJJmNVWqVfFlQLdX8sbbQ9VmJA5K | |
28ldvwLQpnJopgFzAiEAsGYoIzVOBazT96kGYIuJ3k+Zya7PsFtPVyUbOom55PcA | |
dQCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAX5IjyPnAAAEAwBG | |
MEQCIE0NMqwPjqYJwxYqrh7CVueH1rWvKYvRj8cvv3fr7Ku5AiBGFfeJ+Nsy3VCW | |
TAih+ito29SvJ0TJrDsyHy3PhkmZ6jANBgkqhkiG9w0BAQsFAAOCAQEAih09kwU8 | |
8j/R3/xDkV/2Td/ZbgzUPrrjnMqL32Kv8zqPb0AnaOZbA9XqMuQimLDPqr7fTtKR | |
BRhXStaNT5s7zZm3g9P+Xsxl2XSiuTbR0Y9MOmfgWA0Jv3vw8zq/etdGBrV0stQ/ | |
JB2GKteYl9hP7eOj0xaNg/ylaCDONG084lqVlugggmsW9RgN3zAESmALahezuzlN | |
G5asPhNDCIRyo3mm0hHCV4/Kvoura/bGVkc7Wkk6q/cplN5VCSq9wYk2ugEaxsc1 | |
YeqXpxQtRVJTF/UtuNpWS+Tp1COx3DiaoTjCmEImSzYarfZ7QIMR9opxJEPAB52h | |
s/oLX5ruUXwvIw== | |
-----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// oidc provider | |
resource "aws_iam_openid_connect_provider" "main" { | |
url = "https://token.actions.githubusercontent.com" | |
client_id_list = ["sts.amazonaws.com"] | |
thumbprint_list = ["a031c46782e6e6c662c2c87c76da9aa62ccabd8e", "6938fd4d98bab03faadb97b34396831e3780aea1"] // added new thumbprint | |
} |
Next update will be happen on Jan 11 23:59:59 2023 GMT
.
Validity
Not Before: Jan 11 00:00:00 2022 GMT
Not After : Jan 11 23:59:59 2023 GMT
@guitarrapc thanks for posting this, this helped us with the prior certificate expiring. I don't want to have the same problem in January 2023 though. Do you know if there is a way to know the next thumbprint before the certificate expires. How long before expiration does GH change their certificate?
@pcothenet I have no idea about how GH handle next certificate renewal 😢 I hope they prepare 2-N weeks before certificate expires, but it's depends on service and no guranteed at all.
Thank you. I'll ask them directly!
…On Wed, Jan 19, 2022 at 12:21 PM Ikiru Yoshizaki ***@***.***> wrote:
***@***.**** commented on this gist.
------------------------------
@pcothenet <https://github.com/pcothenet> I have no idea about how GH
handle next certificate renewal 😢 I hope they prepare 2-N weeks before
certificate expires, but it's depends on service and no guranteed at all.
—
Reply to this email directly, view it on GitHub
<https://gist.github.com/8e6b68f21bc1eef8e7b66bde477d5859#gistcomment-4034450>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALEOJWQ7YAVMGXP4IN2WNTUW4MLZANCNFSM5L2OBVZA>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you were mentioned.Message ID:
***@***.***>
There's an issue on the aws-actions/configure-aws-credentials repo (with a Terraform solution) related to this: aws-actions/configure-aws-credentials#357
nice one. thanks for this
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Your should use
6938fd4d98bab03faadb97b34396831e3780aea1