How to view a certificate fingerprint as SHA-256, SHA-1 or MD5 using OpenSSL for RSA Authentication Manager
Originally Published: 2019-06-26
Article Number
Applies To
RSA Product/Service Type: RSA Cloud Authentication Service
Issue
Requirements of different service providersvary. Some need a SHA-1 fingerprint, some need an MD5 fingerprint, etc. Depending on the server platform, only the SHA-1 or MD5 fingerprint/thumbprint may be displayed.
Tasks
Resolution
This solution assumes the use of Windows.
- Install the latest version of OpenSSL for Windows.
- Open the Windows Command Line.
- Navigate to the OpenSSL installation directory (the default directory is C:\OpenSSL-Win32\bin).
- Run one of the following commands to view the certificate fingerprint/thumbprint:
-
SHA-256
openssl x509 -noout -fingerprint -sha256 -inform pem -in [certificate-file.crt]
-
SHA-1
openssl x509 -noout -fingerprint -sha1 -inform pem -in [certificate-file.crt]
-
MD5
openssl x509 -noout -fingerprint -md5 -inform pem -in [certificate-file.crt]
The example below displays the value of the same certificate using each algorithm:
C:\OpenSSL-Win32\bin>openssl x509 -noout -fingerprint -sha256 -inform pem -in c:\test\cert.cer SHA256 Fingerprint=E6:5A:5D:37:22:FC:EF:EA:4B:22:92:45:BC:49:D2:29:3D:84:19:BC:C3:45:23:A1:22:A4:99:20:9D:03:E6:47 C:\OpenSSL-Win32\bin>openssl x509 -noout -fingerprint -sha1 -inform pem -in c:\test\cert.cer SHA1 Fingerprint=1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5 C:\OpenSSL-Win32\bin>openssl x509 -noout -fingerprint -md5 -inform pem -in c:\test\cert.cer MD5 Fingerprint=AA:6F:C8:3F:37:78:7A;BE:A6:BE:2C:51:26:16:3F:D3 C:\OpenSSL-Win32\bin>
Notes
Related Articles
Error: '%1 is not a valid win32 application' when starting RSA RADIUS Server 6.1 Number of Views RSA WTD Silvertail - varz for silvertap or other remote service won't load...remote silvertap machine(s) Number of Views FIM - FIPS 140-2 compliance. TLS1 ciphers Number of Views Bootstrapping can fail if Symantec Antivirus is installed on Enterprise or Site Coordinator (Named Pipe Error) Number of Views Security-Level Update for IDR Cipher ECDHE-RSA-AES256-SHA384 Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes: Cloud Access Service and RSA Authenticators RSA Release Notes for RSA Authentication Manager 8.8 RSA-2026-04: RSA Governance and Lifecycle Security Update for SUSE Linux Enterprise Server Vulnerabilities
Don't see what you're looking for?
