Using OpenSSl to generate Certificate Hashes and Fingerprints
Example Certificate
I will be using the following certificate for the following examples:
-----BEGIN CERTIFICATE-----
MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw
JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM
DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow
TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT
ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE
ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/
XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od
Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j
BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC
xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw
UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ
-----END CERTIFICATE-----
Short (Subject) Hash
# OpenSSL v0.x
openssl x509 -short_hash -noout -in certificate.crt
5a926d4f
# OpenSSL 1.x
openssl x509 -subject_hash_old -noout -in certificate.crt
Fingerprint
openssl x509 -fingerprint -md5 -noout -in certificate.crt
MD5 Fingerprint=F3:92:31:58:6B:61:15:91:4C:41:8B:F3:5C:CF:CF:2C
openssl x509 -fingerprint -sha1 -noout -in certificate.crt
SHA1 Fingerprint=82:40:3B:A8:F8:8B:46:4A:3D:63:CA:D9:16:9A:6F:E1:F8:75:43:C8
openssl x509 -fingerprint -sha256 -noout -in certificate.crt
SHA256 Fingerprint=AE:97:66:36:41:C2:87:04:91:C9:79:7E:EE:C3:72:58:0B:3A:46:48:4D:3B:FA:5B:BF:4F:69:2A:40:AA:FE:83
openssl x509 -fingerprint -sha512 -noout -in certificate.crt
SHA512 Fingerprint=42:8C:07:F8:D9:DD:53:BC:ED:B3:DA:A1:C6:70:7C:AA:3D:7F:BA:E0:3E:A9:64:4E:74:CD:4C:33:4C:29:18:3F:E0:E2:92:3E:D3:61:27:10:04:9B:84:5E:C0:7C:53:1F:6A:D0:50:CD:F1:E3:3A:8C:96:9A:12:96:C3:ED:BE:A2