openssl certificate fingerprint

G

Guido De Rosa

Sorry folks,

this should be a FAQ but I googled with no useful results. The standard
library OpenSSL RDoc is very poor.

I just need the Ruby equivalent of this command line:

openssl x509 -noout -md5 -fingerprint -in certificate.crt

that is: the md5 (or sha1 etc.) key fingerprint of an X509 certificate.

Thanks very much.
Guido
 
Z

Zoran Regvart

Hi,
the fingerprint is MD5 digest over the certificate in DER (binary)
form, so if your certificate is already in DER just calculate MD5
digest over it:

require 'digest/md5'
puts Digest::MD5.hexdigest(File.read('certificate.crt'))

but if the certificate is in PEM format (the default used in your
command line example), you'll need to either manually BASE64 decode
it, or let the OpenSSL::X509::Certificate do that for you, so:

require 'openssl'
require 'digest/md5'
certificate = OpenSSL::X509::Certificate.new(File.read('certificate.crt'))
puts Digest::MD5.hexdigest(certificate.to_der)

or something along those lines...

zoran
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

OpenSSL verify certificate from own CA 0
certificate verify failed 7
Resolving OpenSSL version mismatch in OS X 10.5.8 3
ruby openssl "no config database" 0
M2Crypto: How to generate subjectKeyIdentifier /authorityKeyIdentifier 4
rsa sign and verify with openssl on windows 7
Getting docs on openssl in ruby 2
fingerprint of a x.509 certificate 6

Members online

Total: 31 (members: 1, guests: 30)
Robots: 426

Forum statistics

Threads
473,768
Messages
2,569,575
Members
45,051
Latest member
CarleyMcCr

Latest Threads

Top