如何获取证书指纹fingerprint

所有证书都包含唯一的指纹信息(fingerprint),可以通过OPENSSL 命令获取指纹信息,大家经常用到的指纹信息一般是指SHA1指纹

获取SHA1指纹

openssl x509 -noout -fingerprint -in  certificate.crt

OR

openssl x509 -noout -fingerprint -sha1 -in certificate.crt

获取SHA256指纹

openssl x509 -noout -fingerprint -sha256 -in certificate.crt

如上述命令报错信息如下,应该是证书使用了DER编码格式,请使用如下命令


unable to load certificate
140697206048656:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: TRUSTED CERTIFICATE

获取SHA1指纹

openssl x509 -noout -inform DER -fingerprint -sha1 -in certificate.der

获取SHA256指纹

openssl x509 -noout -inform DER -fingerprint -sha256 -in certificate.der

原创作品,如需转载,请注明出处