How to View a Certificate Fingerprint as SHA-256, SHA-1 or MD5 using OpenSSL

During the configuration of PKIFED federation for eduGAIN, we got the requirement to see the thumbprint of the SSL Certificate as SHA-256, SHA-1 or MD5 using OpenSSL command. We used the below OpenSSL commands to see the certificate thumbprint. The Thumbprint is an identifier used by some server platforms to locate the certificate in a certificate store.


How to View a Certificate Thumbprint as SHA-256, SHA-1 or MD5 using OpenSSL


Based on your server platform, the SHA-1 or MD5 Fingerprint/Thumbprint may be displayed. Each SSL certificate has a unique Thumbprint and it is used to differentiate or locate the certificate in the certificate store.

Below commands can be used to view the certificate fingerprint/thumbprint of the SSL certificate.

  • SHA-256
    openssl x509 -noout -fingerprint -sha256 -inform pem -in [certificate-file.crt]


  • SHA-1
    openssl x509 -noout -fingerprint -sha1 -inform pem -in [certificate-file.crt]


  • MD5
    openssl x509 -noout -fingerprint -md5 -inform pem -in [certificate-file.crt]

The example below is showing the thumbprint of the certificate using the above command.

In previous post you can also read about installing federation tool,  Jagger.

Leave a Reply

Your email address will not be published. Required fields are marked *