42

In a x509 digital certificate there is a "certificate fingerprint" section. It contains md5, sha1 and sha256. How are these obtained, and during the SSL connection, how are these values checked for?

Ashwin
  • 1,607
  • 3
  • 18
  • 25

2 Answers2

52

The fingerprint, as displayed in the Fingerprints section when looking at a certificate with Firefox or the thumbprint in IE is the hash of the entire certificate in DER form.

If your certificate is in PEM format, convert it to DER with OpenSSL:

openssl x509 -in cert.crt -outform DER -out cert.cer

Then, perform a SHA-1 hash on it (e.g. with sha1sum1):

sha1sum cert.cer

This should produce the same result as what you see in the browser. These values are not part of the certificate, rather they are computed from the certificate.

One application of these fingerprints is to validate EV certificates. In this case, the SHA-1 fingerprint of the root EV CA certificate is hard-coded in the browser (note that (a) it's the fingerprint of the root cert and (b) it has to match exactly the trust anchors shipped with the version of the browser compiled with those values).

Apart from this, these fingerprints are mostly used for identifying the certificates (for organising them).

It's the actual public keys that are used for the verification of other certificates in the chain. The digest used for signing the certificate is actually not in the certificate (only the resulting signature). See certificate structure:

   Certificate  ::=  SEQUENCE  {
        tbsCertificate       TBSCertificate,
        signatureAlgorithm   AlgorithmIdentifier,
        signatureValue       BIT STRING  }

   TBSCertificate  ::=  SEQUENCE  {
        version         [0]  EXPLICIT Version DEFAULT v1,
        serialNumber         CertificateSerialNumber,
        signature            AlgorithmIdentifier,
        issuer               Name,
        validity             Validity,
        subject              Name,
        ...

In this case, the signature value is computed from the DER encoded tbsCertificate (i.e. its content). When the signature algorithm is SHA1 with RSA (for example), a SHA-1 digest is computed and then signed using the RSA private key of the issuer. This SHA-1 digest has nothing to do with the fingerprint has shown by openssl x509 -fingerprint or within the browser, since it's that of the tbsCertificate section only.

There are also a couple of unrelated extensions that can make use of digests, of the public keys this time: the Subject Key Identifier and the Authority Key Identifier. These are optional (and within the TBS content of the certificate).

Bruno
  • 10,875
  • 1
  • 39
  • 61
  • How to see the signature value. Why is it not present in the certificate? – Ashwin May 01 '12 at 01:42
  • The signature is in the certificate, not its fingerprint. You're changing topic here. You could use the `Signature` class to verify it by hand using the cert's tbsCertificate, its signature and the issuer's public key. If you want RFC 3280 compliance, look into the [Java PKI programmer guide](http://docs.oracle.com/javase/7/docs/technotes/guides/security/certpath/CertPathProgGuide.html). More generally, if this cert is an SSL/TLS client cert, let the X509TrustManager do this. – Bruno May 01 '12 at 09:27
  • @Ashwin, what I'm saying is that this question (on this page) is about fingerprint (you wrote it). What you're asking now in a comment is a different question, and its answer will not fit in a comment. – Bruno May 02 '12 at 10:23
  • Can you answer post the answer in this answer itself(I mean after the answer) or do you want me to post another question? – Ashwin May 02 '12 at 10:44
  • @Ashwin, a separate question would be better, since we'd be going further off-topic on this one. Not sure if this has anything to do with [this question](http://stackoverflow.com/q/10411433/372643) of yours? Are you trying to verify the certificate signature manually? – Bruno May 02 '12 at 12:22
  • Yes it has everything to do with that question. You can give your answer there. In that question I am trying to see if the certificate uploaded by the client is a valid one. For that I used the classes that you mentioned in the PKI PROGRAMMER GUIDE link. Thanks for the answer you have given to the current question. I will accept it. – Ashwin May 02 '12 at 12:28
  • how to print the tbs certificate in openssl? – Ashwin May 29 '12 at 06:22
  • 1
    @Ashwin, I was using [`sha1sum`](http://en.wikipedia.org/wiki/Sha1sum), a standalone SHA-1 utility. You can use `openssl sha1` instead. – Bruno May 29 '12 at 08:00
  • The output of openssl sha1 is the one that I see when I open the certificate file in a notepad. Then I tried openssl md5 - still got the same output as that of sha1 – Ashwin May 29 '12 at 08:15
  • @Ashwin: you're clearly not typing the right thing: `openssl sha1 server.crt` – Bruno May 29 '12 at 08:17
  • Thanks it works now. The md5 finger print in the certificate is B8:0B:5E:C8:93:30:50:FE:83:04:56:80:3B:D2:2C:59 . How do I convert it into normal hexa decimal – Ashwin May 29 '12 at 08:24
0

The fingerprint , also called certificate thumbprint is a set of characters generated from the certificate. These characters uniquely identify a public key.

On Windows, you can find the thumbprint by:

  1. Save the public key using the .cer or .crt filename extension
  2. Double click on the file
  3. Go to details tab
  4. Go to thumbprint.

The thumbprint you see will look like this:

475da948e4ba44d9b5bc31ab4b8006113fd5f538

Above thumbprint is called a sha1 thumbprint / fingerprint.

You can obtain a similar value by using the Openssl command line utility.

Make sure you have openssl installed and from the command line do:

openssl x509  -fingerprint  -in my-cert.cer  

You'll get an output similar to this:

SHA1 Fingerprint=47:5D:A9:48:E4:BA:44:D9:B5:BC:31:AB:4B:80:06:11:3F:D5:F5:38
-----BEGIN CERTIFICATE-----
MIIDczCCAlugAwIBAgIUWmn0PE/4NUHfXSQafB2P5Nml3qIwDQYJKoZIhvcNAQEL
....

The fingerprint / certificate thumbprint is in the first line and it is: 47:5D:A9:48:E4:BA:44:D9:B5:BC:31:AB:4B:80:06:11:3F:D5:F5:38

Notice that it has : in it. A command that gives you only the certificate thumbprint is below:

openssl x509 -noout -fingerprint -sha1 -inform pem -in my-cert.cer 

If you want the thumbprint without the : in the result, you can follow Bruno's answer: https://security.stackexchange.com/a/14345/257739

If you want to generate the certificate thumbprint but you dont have openssl and you dont know to download it, you can just download git instead and from git bash do:

winpty openssl x509  -fingerprint  -in hello-cert.cer
Gilboot
  • 101
  • 2