How to view a certificate fingerprint as SHA-256, SHA-1 or MD5 using OpenSSL for RSA Authentication Manager
Originally Published: 2019-06-26
Article Number
Applies To
RSA Product/Service Type: RSA Cloud Authentication Service
Issue
Requirements of different service providersvary. Some need a SHA-1 fingerprint, some need an MD5 fingerprint, etc. Depending on the server platform, only the SHA-1 or MD5 fingerprint/thumbprint may be displayed.
Tasks
Resolution
This solution assumes the use of Windows.
- Install the latest version of OpenSSL for Windows.
- Open the Windows Command Line.
- Navigate to the OpenSSL installation directory (the default directory is C:\OpenSSL-Win32\bin).
- Run one of the following commands to view the certificate fingerprint/thumbprint:
-
SHA-256
openssl x509 -noout -fingerprint -sha256 -inform pem -in [certificate-file.crt]
-
SHA-1
openssl x509 -noout -fingerprint -sha1 -inform pem -in [certificate-file.crt]
-
MD5
openssl x509 -noout -fingerprint -md5 -inform pem -in [certificate-file.crt]
The example below displays the value of the same certificate using each algorithm:
C:\OpenSSL-Win32\bin>openssl x509 -noout -fingerprint -sha256 -inform pem -in c:\test\cert.cer SHA256 Fingerprint=E6:5A:5D:37:22:FC:EF:EA:4B:22:92:45:BC:49:D2:29:3D:84:19:BC:C3:45:23:A1:22:A4:99:20:9D:03:E6:47 C:\OpenSSL-Win32\bin>openssl x509 -noout -fingerprint -sha1 -inform pem -in c:\test\cert.cer SHA1 Fingerprint=1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5 C:\OpenSSL-Win32\bin>openssl x509 -noout -fingerprint -md5 -inform pem -in c:\test\cert.cer MD5 Fingerprint=AA:6F:C8:3F:37:78:7A;BE:A6:BE:2C:51:26:16:3F:D3 C:\OpenSSL-Win32\bin>
Notes
Related Articles
Error: '%1 is not a valid win32 application' when starting RSA RADIUS Server 6.1 Number of Views RSA WTD Silvertail - varz for silvertap or other remote service won't load...remote silvertap machine(s) Number of Views FIM - FIPS 140-2 compliance. TLS1 ciphers Number of Views Test Solution - DO NOT DELETE - web - sdi main - flagged for review Number of Views FIM 3.1.2 - CryptoJ jar causing signature verification errors with md2 signature algorithm Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA announces the availability of the RSA SecurID Hardware Appliance 230 based on the Dell PowerEdge R240 Server How to troubleshoot Oracle database ORA-04030 errors in RSA Identity Governance & Lifecycle RSA Authentication Manager Upgrade Process Microsoft SQL Server Collectors can no longer connect to the SQL Server database after upgrade to Microsoft SQL Server 201…
Don't see what you're looking for?
