Viewing X.509 DER Certificate Fingerprints with OpenSSL

Let's say that we have a certificate in a file, such as cert.crt:

$ file cert.crt
cert.crt: data

If we want to get its fingerprint, we can run the following:

$ openssl x509 -in cert.crt -inform DER -noout -fingerprint
SHA1 Fingerprint=E0:A3:FE:07:AB:BA:A5:4D:C6:67:52:00:20:D1:DF:F9:1B:E7:B3:E7

Or if we want the SHA256 fingerprint:

$ openssl x509 -in cert.crt -inform DER -noout -fingerprint -sha256
SHA256 Fingerprint=B3:5D:6C:8A:56:A3:D0:F6:AE:F2:A8:60:C0:EE:3F:72:8A:80:F4:F6:32:49:13:DD:7D:B5:D0:2F:8F:66:26:6B

Written by Jamie Tanna's profile image Jamie Tanna on , and last updated on .

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.


This post was filed under articles.

Related Posts

Other posts you may be interested in:

Interactions with this post

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.