Forked from guitarrapc/_get_github_oidc_thumbprint.sh
Created
October 20, 2022 05:39
-
-
Save npalm/4829b8209ba847a4e4b4bd171a6db9d9 to your computer and use it in GitHub Desktop.
Get Thumbprint of GitHub OIDC, updated on 2022/01/13.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ openssl s_client -servername token.actions.githubusercontent.com -showcerts -connect token.actions.githubusercontent.com:443 < /dev/null 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sed "0,/-END CERTIFICATE-/d" > certificate.crt | |
$ openssl x509 -in certificate.crt -fingerprint -noout | cut -f2 -d'=' | tr -d ':' | tr '[:upper:]' '[:lower:]' | |
6938fd4d98bab03faadb97b34396831e3780aea1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-----BEGIN CERTIFICATE----- | |
MIIE6jCCA9KgAwIBAgIQCjUI1VwpKwF9+K1lwA/35DANBgkqhkiG9w0BAQsFADBh | |
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 | |
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD | |
QTAeFw0yMDA5MjQwMDAwMDBaFw0zMDA5MjMyMzU5NTlaME8xCzAJBgNVBAYTAlVT | |
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTAnBgNVBAMTIERpZ2lDZXJ0IFRMUyBS | |
U0EgU0hBMjU2IDIwMjAgQ0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC | |
AQEAwUuzZUdwvN1PWNvsnO3DZuUfMRNUrUpmRh8sCuxkB+Uu3Ny5CiDt3+PE0J6a | |
qXodgojlEVbbHp9YwlHnLDQNLtKS4VbL8Xlfs7uHyiUDe5pSQWYQYE9XE0nw6Ddn | |
g9/n00tnTCJRpt8OmRDtV1F0JuJ9x8piLhMbfyOIJVNvwTRYAIuE//i+p1hJInuW | |
raKImxW8oHzf6VGo1bDtN+I2tIJLYrVJmuzHZ9bjPvXj1hJeRPG/cUJ9WIQDgLGB | |
Afr5yjK7tI4nhyfFK3TUqNaX3sNk+crOU6JWvHgXjkkDKa77SU+kFbnO8lwZV21r | |
eacroicgE7XQPUDTITAHk+qZ9QIDAQABo4IBrjCCAaowHQYDVR0OBBYEFLdrouqo | |
qoSMeeq02g+YssWVdrn0MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFV | |
MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw | |
EgYDVR0TAQH/BAgwBgEB/wIBADB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGG | |
GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2Nh | |
Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNydDB7BgNV | |
HR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRH | |
bG9iYWxSb290Q0EuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v | |
RGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMDAGA1UdIAQpMCcwBwYFZ4EMAQEwCAYG | |
Z4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAHer | |
t3onPa679n/gWlbJhKrKW3EX3SJH/E6f7tDBpATho+vFScH90cnfjK+URSxGKqNj | |
OSD5nkoklEHIqdninFQFBstcHL4AGw+oWv8Zu2XHFq8hVt1hBcnpj5h232sb0HIM | |
ULkwKXq/YFkQZhM6LawVEWwtIwwCPgU7/uWhnOKK24fXSuhe50gG66sSmvKvhMNb | |
g0qZgYOrAKHKCjxMoiWJKiKnpPMzTFuMLhoClw+dj20tlQj7T9rxkTgl4ZxuYRiH | |
as6xuwAwapu3r9rxxZf+ingkquqTgLozZXq8oXfpf2kUCwA/d5KxTVtzhwoT0JzI | |
8ks5T1KESaZMkE4f97Q= | |
-----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ curl https://token.actions.githubusercontent.com/.well-known/openid-configuration | |
$ openssl s_client -servername token.actions.githubusercontent.com -showcerts -connect token.actions.githubusercontent.com:443 < /dev/null | |
CONNECTED(00000003) | |
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA | |
verify return:1 | |
depth=1 C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
verify return:1 | |
depth=0 C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.actions.githubusercontent.com | |
verify return:1 | |
--- | |
Certificate chain | |
0 s:C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.actions.githubusercontent.com | |
i:C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
-----BEGIN CERTIFICATE----- | |
MIIG9jCCBd6gAwIBAgIQCFCR4fqbkQJJbzQZsc87qzANBgkqhkiG9w0BAQsFADBP | |
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE | |
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjAxMTEwMDAwMDBa | |
Fw0yMzAxMTEyMzU5NTlaMHsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y | |
bmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIElu | |
Yy4xKDAmBgNVBAMMHyouYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wggEi | |
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcHl5GgNgXYUI5Zz085Ar9wSiI | |
gdDnOkaXof2u3pcJ1138Tlz6aheVqXfJ8MOAups0LTr9j/dTHAGWKQz0qdyUdYIJ | |
FwiOlkmphoP+a4xVJXbdVVN7qvmfV8f0YnG5oGVyx9hDl/30JReVIYPbC8JNSiIW | |
2jMYnjqPu41tPclNNroW9K8gJUzT/WE4LRHohOmR1GbC1xQ8YlFS6pFs+Xuznou8 | |
TzO8PsXRdaDe/7pYZgR/Otv5XLY5siCBraMuxtj1g4Z/Tz8d2Z+sMPIxtHZjxmcu | |
LPfIix6cARSpJFgGF7Yh9vgLK9jEkgfuU1Nnshv7S6ylIn5SfHNToQjCRSPJAgMB | |
AAGjggOgMIIDnDAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNV | |
HQ4EFgQUibMM9Yecb/WbuZDkxiGVR39k0QMwSQYDVR0RBEIwQIIfKi5hY3Rpb25z | |
LmdpdGh1YnVzZXJjb250ZW50LmNvbYIdYWN0aW9ucy5naXRodWJ1c2VyY29udGVu | |
dC5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF | |
BQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpodHRwOi8vY3JsMy5kaWdpY2VydC5j | |
b20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMECgPqA8hjpodHRw | |
Oi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0Ex | |
LTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6 | |
Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUH | |
MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDov | |
L2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENB | |
MS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA | |
dQCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAX5IjyPvAAAEAwBG | |
MEQCIDxMGruNl33xLmOdh2UdMxA3aiuIX3vgeXSuXRce6sqBAiApoOxk2sfxfZdw | |
cMxXuM0B8bfgGiQ7IlG14wRa7KQioAB3ADXPGRu/sWxXvw+tTG1Cy7u2JyAmUeo/ | |
4SrvqAPDO9ZMAAABfkiPI8kAAAQDAEgwRgIhAJJmNVWqVfFlQLdX8sbbQ9VmJA5K | |
28ldvwLQpnJopgFzAiEAsGYoIzVOBazT96kGYIuJ3k+Zya7PsFtPVyUbOom55PcA | |
dQCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAX5IjyPnAAAEAwBG | |
MEQCIE0NMqwPjqYJwxYqrh7CVueH1rWvKYvRj8cvv3fr7Ku5AiBGFfeJ+Nsy3VCW | |
TAih+ito29SvJ0TJrDsyHy3PhkmZ6jANBgkqhkiG9w0BAQsFAAOCAQEAih09kwU8 | |
8j/R3/xDkV/2Td/ZbgzUPrrjnMqL32Kv8zqPb0AnaOZbA9XqMuQimLDPqr7fTtKR | |
BRhXStaNT5s7zZm3g9P+Xsxl2XSiuTbR0Y9MOmfgWA0Jv3vw8zq/etdGBrV0stQ/ | |
JB2GKteYl9hP7eOj0xaNg/ylaCDONG084lqVlugggmsW9RgN3zAESmALahezuzlN | |
G5asPhNDCIRyo3mm0hHCV4/Kvoura/bGVkc7Wkk6q/cplN5VCSq9wYk2ugEaxsc1 | |
YeqXpxQtRVJTF/UtuNpWS+Tp1COx3DiaoTjCmEImSzYarfZ7QIMR9opxJEPAB52h | |
s/oLX5ruUXwvIw== | |
-----END CERTIFICATE----- | |
1 s:C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA | |
-----BEGIN CERTIFICATE----- | |
MIIE6jCCA9KgAwIBAgIQCjUI1VwpKwF9+K1lwA/35DANBgkqhkiG9w0BAQsFADBh | |
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 | |
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD | |
QTAeFw0yMDA5MjQwMDAwMDBaFw0zMDA5MjMyMzU5NTlaME8xCzAJBgNVBAYTAlVT | |
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTAnBgNVBAMTIERpZ2lDZXJ0IFRMUyBS | |
U0EgU0hBMjU2IDIwMjAgQ0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC | |
AQEAwUuzZUdwvN1PWNvsnO3DZuUfMRNUrUpmRh8sCuxkB+Uu3Ny5CiDt3+PE0J6a | |
qXodgojlEVbbHp9YwlHnLDQNLtKS4VbL8Xlfs7uHyiUDe5pSQWYQYE9XE0nw6Ddn | |
g9/n00tnTCJRpt8OmRDtV1F0JuJ9x8piLhMbfyOIJVNvwTRYAIuE//i+p1hJInuW | |
raKImxW8oHzf6VGo1bDtN+I2tIJLYrVJmuzHZ9bjPvXj1hJeRPG/cUJ9WIQDgLGB | |
Afr5yjK7tI4nhyfFK3TUqNaX3sNk+crOU6JWvHgXjkkDKa77SU+kFbnO8lwZV21r | |
eacroicgE7XQPUDTITAHk+qZ9QIDAQABo4IBrjCCAaowHQYDVR0OBBYEFLdrouqo | |
qoSMeeq02g+YssWVdrn0MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFV | |
MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw | |
EgYDVR0TAQH/BAgwBgEB/wIBADB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGG | |
GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2Nh | |
Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNydDB7BgNV | |
HR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRH | |
bG9iYWxSb290Q0EuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v | |
RGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMDAGA1UdIAQpMCcwBwYFZ4EMAQEwCAYG | |
Z4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAHer | |
t3onPa679n/gWlbJhKrKW3EX3SJH/E6f7tDBpATho+vFScH90cnfjK+URSxGKqNj | |
OSD5nkoklEHIqdninFQFBstcHL4AGw+oWv8Zu2XHFq8hVt1hBcnpj5h232sb0HIM | |
ULkwKXq/YFkQZhM6LawVEWwtIwwCPgU7/uWhnOKK24fXSuhe50gG66sSmvKvhMNb | |
g0qZgYOrAKHKCjxMoiWJKiKnpPMzTFuMLhoClw+dj20tlQj7T9rxkTgl4ZxuYRiH | |
as6xuwAwapu3r9rxxZf+ingkquqTgLozZXq8oXfpf2kUCwA/d5KxTVtzhwoT0JzI | |
8ks5T1KESaZMkE4f97Q= | |
-----END CERTIFICATE----- | |
--- | |
Server certificate | |
subject=C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.actions.githubusercontent.com | |
issuer=C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
--- | |
No client certificate CA names sent | |
Peer signing digest: SHA256 | |
Peer signature type: RSA-PSS | |
Server Temp Key: ECDH, P-384, 384 bits | |
--- | |
SSL handshake has read 3854 bytes and written 485 bytes | |
Verification: OK | |
--- | |
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 | |
Server public key is 2048 bit | |
Secure Renegotiation IS supported | |
Compression: NONE | |
Expansion: NONE | |
No ALPN negotiated | |
SSL-Session: | |
Protocol : TLSv1.2 | |
Cipher : ECDHE-RSA-AES256-GCM-SHA384 | |
Session-ID: 4C50FF4BC6477E099C9A4CACE6222BB0522842E9B123D53015D48486912CFE6C | |
Session-ID-ctx: | |
Master-Key: 886D9942CA50B8C12502A9FED7B65ADA854AF7E716A30BF3C4A635F24EEAFF636EDE536EA741A3A767107CE3C5FDDB04 | |
PSK identity: None | |
PSK identity hint: None | |
SRP username: None | |
TLS session ticket lifetime hint: 36000 (seconds) | |
TLS session ticket: | |
0000 - 00 00 00 00 99 65 c2 71-5b 5c 53 4f 9b 4f 35 86 .....e.q[\SO.O5. | |
0010 - b3 82 a6 9e 4c e1 ae de-2f c1 33 df 99 53 cb 3f ....L.../.3..S.? | |
0020 - ee 3a 38 43 78 ed e4 1a-ce ba a3 44 c5 0c 52 fa .:8Cx......D..R. | |
0030 - 88 9b 37 03 9e a6 80 1b-f1 44 4a 33 c7 cc 8c 8b ..7......DJ3.... | |
0040 - d1 af 4f b9 d5 35 34 30-04 61 42 8e df e3 37 14 ..O..540.aB...7. | |
0050 - 68 a7 59 6c 28 82 f5 91-df 63 a8 59 ab f3 69 cc h.Yl(....c.Y..i. | |
0060 - 8c c6 4e 46 28 e4 51 ac-d6 72 d1 6d 08 cf 17 a7 ..NF(.Q..r.m.... | |
0070 - 25 40 dc 25 4f c6 a4 8c-fc de 3b c6 66 66 32 a9 %@.%O.....;.ff2. | |
0080 - 6b f7 6a 9f a4 d5 22 03-86 b3 2e bb 84 92 2c a1 k.j...".......,. | |
0090 - 9e 68 24 07 44 6a 4a 66-f0 99 0c 40 c0 6b 17 83 [email protected].. | |
00a0 - 44 2c 96 61 0f 73 f9 43-e1 b6 27 80 3c ec 32 69 D,.a.s.C..'.<.2i | |
00b0 - be 0b 68 d7 41 5f 92 98-41 d6 49 38 1c 21 49 6c ..h.A_..A.I8.!Il | |
00c0 - 20 42 24 12 d4 74 5e be-aa 19 45 7d b1 ee 8f 83 B$..t^...E}.... | |
00d0 - c8 be 3f f7 ca 8d 7b 61-53 c9 06 98 cb db bd ac ..?...{aS....... | |
00e0 - c6 fa d6 8e 46 52 f6 8f-97 2d 53 93 48 51 43 3b ....FR...-S.HQC; | |
00f0 - 65 37 c2 2e c3 d1 01 1e-c2 b5 39 ed c7 a1 0f 1e e7........9..... | |
0100 - 5b f1 21 f4 [.!. | |
Start Time: 1642036537 | |
Timeout : 7200 (sec) | |
Verify return code: 0 (ok) | |
Extended master secret: yes | |
--- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ openssl s_client -servername token.actions.githubusercontent.com -connect token.actions.githubusercontent.com:443 < /dev/null | openssl x509 -text | |
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA | |
verify return:1 | |
depth=1 C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
verify return:1 | |
depth=0 C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.actions.githubusercontent.com | |
verify return:1 | |
DONE | |
Certificate: | |
Data: | |
Version: 3 (0x2) | |
Serial Number: | |
08:50:91:e1:fa:9b:91:02:49:6f:34:19:b1:cf:3b:ab | |
Signature Algorithm: sha256WithRSAEncryption | |
Issuer: C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1 | |
Validity | |
Not Before: Jan 11 00:00:00 2022 GMT | |
Not After : Jan 11 23:59:59 2023 GMT | |
Subject: C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.actions.githubusercontent.com | |
Subject Public Key Info: | |
Public Key Algorithm: rsaEncryption | |
RSA Public-Key: (2048 bit) | |
Modulus: | |
00:9c:1e:5e:46:80:d8:17:61:42:39:67:3d:3c:e4: | |
0a:fd:c1:28:88:81:d0:e7:3a:46:97:a1:fd:ae:de: | |
97:09:d7:5d:fc:4e:5c:fa:6a:17:95:a9:77:c9:f0: | |
c3:80:ba:9b:34:2d:3a:fd:8f:f7:53:1c:01:96:29: | |
0c:f4:a9:dc:94:75:82:09:17:08:8e:96:49:a9:86: | |
83:fe:6b:8c:55:25:76:dd:55:53:7b:aa:f9:9f:57: | |
c7:f4:62:71:b9:a0:65:72:c7:d8:43:97:fd:f4:25: | |
17:95:21:83:db:0b:c2:4d:4a:22:16:da:33:18:9e: | |
3a:8f:bb:8d:6d:3d:c9:4d:36:ba:16:f4:af:20:25: | |
4c:d3:fd:61:38:2d:11:e8:84:e9:91:d4:66:c2:d7: | |
14:3c:62:51:52:ea:91:6c:f9:7b:b3:9e:8b:bc:4f: | |
33:bc:3e:c5:d1:75:a0:de:ff:ba:58:66:04:7f:3a: | |
db:f9:5c:b6:39:b2:20:81:ad:a3:2e:c6:d8:f5:83: | |
86:7f:4f:3f:1d:d9:9f:ac:30:f2:31:b4:76:63:c6: | |
67:2e:2c:f7:c8:8b:1e:9c:01:14:a9:24:58:06:17: | |
b6:21:f6:f8:0b:2b:d8:c4:92:07:ee:53:53:67:b2: | |
1b:fb:4b:ac:a5:22:7e:52:7c:73:53:a1:08:c2:45: | |
23:c9 | |
Exponent: 65537 (0x10001) | |
X509v3 extensions: | |
X509v3 Authority Key Identifier: | |
keyid:B7:6B:A2:EA:A8:AA:84:8C:79:EA:B4:DA:0F:98:B2:C5:95:76:B9:F4 | |
X509v3 Subject Key Identifier: | |
89:B3:0C:F5:87:9C:6F:F5:9B:B9:90:E4:C6:21:95:47:7F:64:D1:03 | |
X509v3 Subject Alternative Name: | |
DNS:*.actions.githubusercontent.com, DNS:actions.githubusercontent.com | |
X509v3 Key Usage: critical | |
Digital Signature, Key Encipherment | |
X509v3 Extended Key Usage: | |
TLS Web Server Authentication, TLS Web Client Authentication | |
X509v3 CRL Distribution Points: | |
Full Name: | |
URI:http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl | |
Full Name: | |
URI:http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl | |
X509v3 Certificate Policies: | |
Policy: 2.23.140.1.2.2 | |
CPS: http://www.digicert.com/CPS | |
Authority Information Access: | |
OCSP - URI:http://ocsp.digicert.com | |
CA Issuers - URI:http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt | |
X509v3 Basic Constraints: critical | |
CA:FALSE | |
CT Precertificate SCTs: | |
Signed Certificate Timestamp: | |
Version : v1 (0x0) | |
Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A: | |
B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A | |
Timestamp : Jan 11 09:54:07.471 2022 GMT | |
Extensions: none | |
Signature : ecdsa-with-SHA256 | |
30:44:02:20:3C:4C:1A:BB:8D:97:7D:F1:2E:63:9D:87: | |
65:1D:33:10:37:6A:2B:88:5F:7B:E0:79:74:AE:5D:17: | |
1E:EA:CA:81:02:20:29:A0:EC:64:DA:C7:F1:7D:97:70: | |
70:CC:57:B8:CD:01:F1:B7:E0:1A:24:3B:22:51:B5:E3: | |
04:5A:EC:A4:22:A0 | |
Signed Certificate Timestamp: | |
Version : v1 (0x0) | |
Log ID : 35:CF:19:1B:BF:B1:6C:57:BF:0F:AD:4C:6D:42:CB:BB: | |
B6:27:20:26:51:EA:3F:E1:2A:EF:A8:03:C3:3B:D6:4C | |
Timestamp : Jan 11 09:54:07.433 2022 GMT | |
Extensions: none | |
Signature : ecdsa-with-SHA256 | |
30:46:02:21:00:92:66:35:55:AA:55:F1:65:40:B7:57: | |
F2:C6:DB:43:D5:66:24:0E:4A:DB:C9:5D:BF:02:D0:A6: | |
72:68:A6:01:73:02:21:00:B0:66:28:23:35:4E:05:AC: | |
D3:F7:A9:06:60:8B:89:DE:4F:99:C9:AE:CF:B0:5B:4F: | |
57:25:1B:3A:89:B9:E4:F7 | |
Signed Certificate Timestamp: | |
Version : v1 (0x0) | |
Log ID : B3:73:77:07:E1:84:50:F8:63:86:D6:05:A9:DC:11:09: | |
4A:79:2D:B1:67:0C:0B:87:DC:F0:03:0E:79:36:A5:9A | |
Timestamp : Jan 11 09:54:07.463 2022 GMT | |
Extensions: none | |
Signature : ecdsa-with-SHA256 | |
30:44:02:20:4D:0D:32:AC:0F:8E:A6:09:C3:16:2A:AE: | |
1E:C2:56:E7:87:D6:B5:AF:29:8B:D1:8F:C7:2F:BF:77: | |
EB:EC:AB:B9:02:20:46:15:F7:89:F8:DB:32:DD:50:96: | |
4C:08:A1:FA:2B:68:DB:D4:AF:27:44:C9:AC:3B:32:1F: | |
2D:CF:86:49:99:EA | |
Signature Algorithm: sha256WithRSAEncryption | |
8a:1d:3d:93:05:3c:f2:3f:d1:df:fc:43:91:5f:f6:4d:df:d9: | |
6e:0c:d4:3e:ba:e3:9c:ca:8b:df:62:af:f3:3a:8f:6f:40:27: | |
68:e6:5b:03:d5:ea:32:e4:22:98:b0:cf:aa:be:df:4e:d2:91: | |
05:18:57:4a:d6:8d:4f:9b:3b:cd:99:b7:83:d3:fe:5e:cc:65: | |
d9:74:a2:b9:36:d1:d1:8f:4c:3a:67:e0:58:0d:09:bf:7b:f0: | |
f3:3a:bf:7a:d7:46:06:b5:74:b2:d4:3f:24:1d:86:2a:d7:98: | |
97:d8:4f:ed:e3:a3:d3:16:8d:83:fc:a5:68:20:ce:34:6d:3c: | |
e2:5a:95:96:e8:20:82:6b:16:f5:18:0d:df:30:04:4a:60:0b: | |
6a:17:b3:bb:39:4d:1b:96:ac:3e:13:43:08:84:72:a3:79:a6: | |
d2:11:c2:57:8f:ca:be:8b:ab:6b:f6:c6:56:47:3b:5a:49:3a: | |
ab:f7:29:94:de:55:09:2a:bd:c1:89:36:ba:01:1a:c6:c7:35: | |
61:ea:97:a7:14:2d:45:52:53:17:f5:2d:b8:da:56:4b:e4:e9: | |
d4:23:b1:dc:38:9a:a1:38:c2:98:42:26:4b:36:1a:ad:f6:7b: | |
40:83:11:f6:8a:71:24:43:c0:07:9d:a1:b3:fa:0b:5f:9a:ee: | |
51:7c:2f:23 | |
-----BEGIN CERTIFICATE----- | |
MIIG9jCCBd6gAwIBAgIQCFCR4fqbkQJJbzQZsc87qzANBgkqhkiG9w0BAQsFADBP | |
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE | |
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjAxMTEwMDAwMDBa | |
Fw0yMzAxMTEyMzU5NTlaMHsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y | |
bmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIElu | |
Yy4xKDAmBgNVBAMMHyouYWN0aW9ucy5naXRodWJ1c2VyY29udGVudC5jb20wggEi | |
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcHl5GgNgXYUI5Zz085Ar9wSiI | |
gdDnOkaXof2u3pcJ1138Tlz6aheVqXfJ8MOAups0LTr9j/dTHAGWKQz0qdyUdYIJ | |
FwiOlkmphoP+a4xVJXbdVVN7qvmfV8f0YnG5oGVyx9hDl/30JReVIYPbC8JNSiIW | |
2jMYnjqPu41tPclNNroW9K8gJUzT/WE4LRHohOmR1GbC1xQ8YlFS6pFs+Xuznou8 | |
TzO8PsXRdaDe/7pYZgR/Otv5XLY5siCBraMuxtj1g4Z/Tz8d2Z+sMPIxtHZjxmcu | |
LPfIix6cARSpJFgGF7Yh9vgLK9jEkgfuU1Nnshv7S6ylIn5SfHNToQjCRSPJAgMB | |
AAGjggOgMIIDnDAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNV | |
HQ4EFgQUibMM9Yecb/WbuZDkxiGVR39k0QMwSQYDVR0RBEIwQIIfKi5hY3Rpb25z | |
LmdpdGh1YnVzZXJjb250ZW50LmNvbYIdYWN0aW9ucy5naXRodWJ1c2VyY29udGVu | |
dC5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF | |
BQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpodHRwOi8vY3JsMy5kaWdpY2VydC5j | |
b20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMECgPqA8hjpodHRw | |
Oi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0Ex | |
LTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6 | |
Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUH | |
MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDov | |
L2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENB | |
MS0xLmNydDAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA | |
dQCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAX5IjyPvAAAEAwBG | |
MEQCIDxMGruNl33xLmOdh2UdMxA3aiuIX3vgeXSuXRce6sqBAiApoOxk2sfxfZdw | |
cMxXuM0B8bfgGiQ7IlG14wRa7KQioAB3ADXPGRu/sWxXvw+tTG1Cy7u2JyAmUeo/ | |
4SrvqAPDO9ZMAAABfkiPI8kAAAQDAEgwRgIhAJJmNVWqVfFlQLdX8sbbQ9VmJA5K | |
28ldvwLQpnJopgFzAiEAsGYoIzVOBazT96kGYIuJ3k+Zya7PsFtPVyUbOom55PcA | |
dQCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAX5IjyPnAAAEAwBG | |
MEQCIE0NMqwPjqYJwxYqrh7CVueH1rWvKYvRj8cvv3fr7Ku5AiBGFfeJ+Nsy3VCW | |
TAih+ito29SvJ0TJrDsyHy3PhkmZ6jANBgkqhkiG9w0BAQsFAAOCAQEAih09kwU8 | |
8j/R3/xDkV/2Td/ZbgzUPrrjnMqL32Kv8zqPb0AnaOZbA9XqMuQimLDPqr7fTtKR | |
BRhXStaNT5s7zZm3g9P+Xsxl2XSiuTbR0Y9MOmfgWA0Jv3vw8zq/etdGBrV0stQ/ | |
JB2GKteYl9hP7eOj0xaNg/ylaCDONG084lqVlugggmsW9RgN3zAESmALahezuzlN | |
G5asPhNDCIRyo3mm0hHCV4/Kvoura/bGVkc7Wkk6q/cplN5VCSq9wYk2ugEaxsc1 | |
YeqXpxQtRVJTF/UtuNpWS+Tp1COx3DiaoTjCmEImSzYarfZ7QIMR9opxJEPAB52h | |
s/oLX5ruUXwvIw== | |
-----END CERTIFICATE----- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// oidc provider | |
resource "aws_iam_openid_connect_provider" "main" { | |
url = "https://token.actions.githubusercontent.com" | |
client_id_list = ["sts.amazonaws.com"] | |
thumbprint_list = ["a031c46782e6e6c662c2c87c76da9aa62ccabd8e", "6938fd4d98bab03faadb97b34396831e3780aea1"] // added new thumbprint | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment