During the configuration of PKIFED federation for eduGAIN, we got the requirement to see the thumbprint of the SSL Certificate as SHA-256, SHA-1 or MD5 using OpenSSL command. We used the below OpenSSL commands to see the certificate thumbprint. The Thumbprint is an identifier used by some server platforms to locate the certificate in a certificate store.
How to View a Certificate Thumbprint as SHA-256, SHA-1 or MD5 using OpenSSL
Based on your server platform, the SHA-1 or MD5 Fingerprint/Thumbprint may be displayed. Each SSL certificate has a unique Thumbprint and it is used to differentiate or locate the certificate in the certificate store.
Below commands can be used to view the certificate fingerprint/thumbprint of the SSL certificate.
openssl x509 -noout -fingerprint -sha256 -inform pem -in [certificate-file.crt]
openssl x509 -noout -fingerprint -sha1 -inform pem -in [certificate-file.crt]
openssl x509 -noout -fingerprint -md5 -inform pem -in [certificate-file.crt]
The example below is showing the thumbprint of the certificate using the above command.
In previous post you can also read about installing federation tool, Jagger.