Getting the fingerprint of a certificate in Go

Featured image for sharing metadata for article

If you need to get the fingerprint for a given certificate, we can use OpenSSL to do it, but we may also want to do the same in Go.

We can adapt this StackOverflow answer and this blog post to produce the following:

package main

import (
	"crypto/sha1"
	"crypto/tls"
	"fmt"
	"log"
)

func fingerprint(address string) string {
	conf := &tls.Config{
		InsecureSkipVerify: true, // as it may be self-signed
	}

	conn, err := tls.Dial("tcp", address, conf)
	if err != nil {
		log.Println("Error in Dial", err)
		return ""
	}
	defer conn.Close()
	cert := conn.ConnectionState().PeerCertificates[0]
	fingerprint := sha1.Sum(cert.Raw)
	return fmt.Sprintf("%x", fingerprint) // to make sure it's a hex string
}

func main() {
	fmt.Println(fingerprint("google.com:443"))
}

Written by Jamie Tanna's profile image Jamie Tanna on , and last updated on .

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.

#blogumentation #go #certificates.

Also on:

This post was filed under articles.

Interactions with this post

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.