Written by Jamie Tanna
on April 3, 2019
CC-BY-NC-SA-4.0 Apache-2.0
1 mins

Viewing X.509 DER Certificate Fingerprints with OpenSSL

Let's say that we have a certificate in a file, such as cert.crt:

$ file cert.crt
cert.crt: data

If we want to get its fingerprint, we can run the following:

$ openssl x509 -in cert.crt -inform DER -noout -fingerprint
SHA1 Fingerprint=E0:A3:FE:07:AB:BA:A5:4D:C6:67:52:00:20:D1:DF:F9:1B:E7:B3:E7

Or if we want the SHA256 fingerprint:

$ openssl x509 -in cert.crt -inform DER -noout -fingerprint -sha256
SHA256 Fingerprint=B3:5D:6C:8A:56:A3:D0:F6:AE:F2:A8:60:C0:EE:3F:72:8A:80:F4:F6:32:49:13:DD:7D:B5:D0:2F:8F:66:26:6B

Written by Jamie Tanna on Wed, 03 Apr 2019 19:10:00+01:00, and last updated on Sat, 29 Jun 2019 16:00:41+01:00.

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.

#blogumentation #certificates #command-line #der #openssl.

This post was filed under articles.

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.

← → Top