When configuring SAML SSO, some service providers require the fingerprint of the SSL certificate used to sign the SAML Assertion.
Requirements of different service providersvary. Some need a SHA-1 fingerprint, some need an MD5 fingerprint, etc. Depending on the server platform, only the SHA-1 or MD5 fingerprint/thumbprint may be displayed.
OpenSSL can be used to generate the certificate fingerprint with any of the algorithms you might need.
This solution assumes the use of Windows.
Install the latest version of OpenSSL for Windows.
Open the Windows Command Line.
Navigate to the OpenSSL installation directory (the default directory is C:\OpenSSL-Win32\bin).
Run one of the following commands to view the certificate fingerprint/thumbprint:
The algorithm of the fingerprint/thumbprint is unrelated to the encryption algorithm of the certificate. The fingerprint/thumbprint is a identifier used by some server platforms to locate the certificate in a certificate store. You can generate a MD5 fingerprint for a SHA2 certificate.