Client certificate fingerprint not easily available

[adamsong]

• Node version: v18.16.1
• Browser version: Firefox 114.0.2
• Device, operating system: Windows 10
• The Lounge version: v4.4.1

---

No simple way to view client cert fingerprints for SASL EXTERNAL auth. I get a nice message about doing /msg nickserv CERT ADD but no fingerprint is provided to give nickserv.

[brunnre8]

You normally don't need one, it'll default to the client cert you connected with.

We can't know what fp format is expected anyway (sha1, md5, sha256...) so even if we were to display it, that wouldn't help much.

What we do need is a way to do sasl plain AND certauth at the same time so that you don't have to manually identify to NS.

[adamsong]

Any reason #4092 isn't just a separate checkbox?

[brunnre8]

not particularly

[rpavlik]

it appears as though OFTC doesn't support /msg nickserv CERT ADD without an explicit certificate fingerprint manually passed. Fortunately in that case, it echoes the certificate back to you during connection: https://www.oftc.net/NickServ/CertFP/#AddCertFPtoNS

[adamsong]

The main issue is if I need to authenticate with SASL username/password then it won't send the cert at all, so there is no way to se the fingerprint. As a workaround I just modified my install to always send the cert

[chriscpritchard]

The main issue is if I need to authenticate with SASL username/password then it won't send the cert at all, so there is no way to se the fingerprint. As a workaround I just modified my install to always send the cert

This is the issue I have as well, it would be good to be able to have an option to always send the cert!