I use the HPPTS fingerprints I get off GRC for a small number of sites. I keep the fingerprints in a simple text file for quick access. One of the sites I check every time is CoinBase.com For anyone unfamiliar with it, it is a cryptocurrency exchange- 100% legit and law abiding. I just did a fingerprint of coinbase.com and this is the output:
The site's certificate shows:
It is interesting that for quite a while the site and GRC'c prints were the same. One day maybe 2 weeks ago the mismatch started and still continues. I am guessing that there is something between my computer and Coinbase, something between Coinbase and 'the world', or the most likely, my mistake.
While there has been discussion of how to find a mismatch, I don't think there was any information about what to do if one is found. I would be curious if someone else would fingerprint coinbase and see what fingerprint their certificate shows. If this is a real mismatch as I suspect what if anything can be done to work around it?
Domain Name | Certificate Name | EV | Security Certificate's Authentic Fingerprint | |
coinbase.com | coinbase.com | — | AC:21:4E:90:DE:42:B9:DF:EF:C1:84:46:8A:01:DA:8A:E1:24:98:53 |
The site's certificate shows:
11:7A:9E:53:1A:1A:84:1A:04:0A:B8:9E:A5:40:95:87:7A:3B:43:4D
It is interesting that for quite a while the site and GRC'c prints were the same. One day maybe 2 weeks ago the mismatch started and still continues. I am guessing that there is something between my computer and Coinbase, something between Coinbase and 'the world', or the most likely, my mistake.
While there has been discussion of how to find a mismatch, I don't think there was any information about what to do if one is found. I would be curious if someone else would fingerprint coinbase and see what fingerprint their certificate shows. If this is a real mismatch as I suspect what if anything can be done to work around it?