openssl certificate fingerprint

G

Guido De Rosa

Sorry folks,

this should be a FAQ but I googled with no useful results. The standard
library OpenSSL RDoc is very poor.

I just need the Ruby equivalent of this command line:

openssl x509 -noout -md5 -fingerprint -in certificate.crt

that is: the md5 (or sha1 etc.) key fingerprint of an X509 certificate.

Thanks very much.
Guido
 
Z

Zoran Regvart

Hi,
the fingerprint is MD5 digest over the certificate in DER (binary)
form, so if your certificate is already in DER just calculate MD5
digest over it:

require 'digest/md5'
puts Digest::MD5.hexdigest(File.read('certificate.crt'))

but if the certificate is in PEM format (the default used in your
command line example), you'll need to either manually BASE64 decode
it, or let the OpenSSL::X509::Certificate do that for you, so:

require 'openssl'
require 'digest/md5'
certificate = OpenSSL::X509::Certificate.new(File.read('certificate.crt'))
puts Digest::MD5.hexdigest(certificate.to_der)

or something along those lines...

zoran
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

OpenSSL verify certificate from own CA 0
certificate verify failed 7
Resolving OpenSSL version mismatch in OS X 10.5.8 3
ruby openssl "no config database" 0
M2Crypto: How to generate subjectKeyIdentifier /authorityKeyIdentifier 4
rsa sign and verify with openssl on windows 7
Getting docs on openssl in ruby 2
fingerprint of a x.509 certificate 6

Members online

No members online now.
Total: 58 (members: 1, guests: 57)
Robots: 247

Forum statistics

Threads
473,982
Messages
2,570,190
Members
46,736
Latest member
zacharyharris

Latest Threads

Top