get SHA256 has of certificate chain of my certificate

Asked Mar 20 '18 at 17:51

Active Mar 20 '18 at 19:56

Viewed 551 times

I got my server certificate mycert.pem by command:

cho -n | openssl s_client -connect <my.server.hostname> | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > mycert.pem.

I would like to see the certificate chain hash value.

My question is:

How can I use command line to get the SHA256 hash of certificate chain of mycert.pem?

I mean something like this as output:

Peer certificate chain:
     sha256/afwiKY3SxoMmLkuRW1l7QsPZTJPwDS2pdDROQjXw8ig=: CN=publicobject.com, OU=PositiveSSL
     sha256/klO23nT8ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY=: CN=COMODO RSA Secure Server CA
     sha256/grX4Ta9OpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=: CN=COMODO RSA Certification Authority
     sha256/lCppFqbprlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU=: CN=AddTrust External CA Root

edited Mar 20 '18 at 19:56

asked Mar 20 '18 at 17:51

Mellon

What's in `mycert.pem`? Is it the fullchain? Or is it just the leaf certificate? Where did you get the output you posted here in the question? Was this manually constructed? – Andrew Mar 20 '18 at 19:39
@Andrew, I updated my post. – Mellon Mar 20 '18 at 19:56
Where does your sample output come from? What are you trying to do -- looks like pinning? (If pinning, you could use Scott Helme's generator: https://report-uri.com/home/pkp_hash ) Can you share the input for your sample output? – StackzOfZtuff Mar 21 '18 at 09:47

get SHA256 has of certificate chain of my certificate

0 Answers0