Sorry folks,
this should be a FAQ but I googled with no useful results. The standard
library OpenSSL RDoc is very poor.
I just need the Ruby equivalent of this command line:
openssl x509 -noout -md5 -fingerprint -in certificate.crt
that is: the md5 (or sha1 etc.) key fingerprint of an X509 certificate.
Thanks very much.
Guido
Hi,
the fingerprint is MD5 digest over the certificate in DER (binary)
form, so if your certificate is already in DER just calculate MD5
digest over it:
require ‘digest/md5’
puts Digest::MD5.hexdigest(File.read(‘certificate.crt’))
but if the certificate is in PEM format (the default used in your
command line example), you’ll need to either manually BASE64 decode
it, or let the OpenSSL::X509::Certificate do that for you, so:
require ‘openssl’
require ‘digest/md5’
certificate =
OpenSSL::X509::Certificate.new(File.read(‘certificate.crt’))
puts Digest::MD5.hexdigest(certificate.to_der)
or something along those lines…
zoran
Zoran Regvart wrote in post #949806:
Hi,
the fingerprint is MD5 digest over the certificate in DER (binary)
Great! Thanks.
G.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs