Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/ssl/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Ssl 如何正确计算证书的指纹_Ssl_Sha256 - Fatal编程技术网
Fatal编程技术网
  • ssl/
  • Ssl 如何正确计算证书的指纹

Ssl 如何正确计算证书的指纹

ssl

Ssl 如何正确计算证书的指纹,ssl,sha256,Ssl,Sha256,嗨,我在一个文件中有一个这样的CA.pem -----BEGIN CERTIFICATE----- MIIDczCCAlugAwIBAgIHALRRMXUkMTANBgkqhkiG9w0BAQ0FADBHMRswGQYDVQQD DBJIdHRwQ2FuYXJ5IFJvb3QgQ0ExEzARBgNVBAoMCkh0dHBDYW5hcnkxEzARBgNV BAsMCkh0dHBDYW5hcnkwHhcNMjAwMTE1MDc1MjUwWhcNMzEwMTEyMDc1MjUwWjBH MRswG

嗨,我在一个文件中有一个这样的CA.pem

-----BEGIN CERTIFICATE-----
MIIDczCCAlugAwIBAgIHALRRMXUkMTANBgkqhkiG9w0BAQ0FADBHMRswGQYDVQQD
DBJIdHRwQ2FuYXJ5IFJvb3QgQ0ExEzARBgNVBAoMCkh0dHBDYW5hcnkxEzARBgNV
BAsMCkh0dHBDYW5hcnkwHhcNMjAwMTE1MDc1MjUwWhcNMzEwMTEyMDc1MjUwWjBH
MRswGQYDVQQDDBJIdHRwQ2FuYXJ5IFJvb3QgQ0ExEzARBgNVBAoMCkh0dHBDYW5h
cnkxEzARBgNVBAsMCkh0dHBDYW5hcnkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDpDLS2xbpRfTgCPn9Xz0PdWNdppo7vUltGQlzJfD0FQZsyiCU3sYAe
oRGaInwgS4knBEt/9hxaLC8ivz9UlXWIhg8Xy4g+J463HfD4kP2fQElHfo+SlFwc
flkIVKgOB/rMgFMp6LH9YP+bmYMy3ndXYkTkYAGL6Q2EWO90HQLYkt2pm5ij7755
vp8Dksc7LHnHo0sqzrpB953Sx5dVTSyQ91fU3scxo8xvcJQG/vYfbEJA6rZunlLO
3NG8i8JhEYpEjWlf7MV0WIjlPk2vMCHKei/Wyd0msrmL12vjOl3IxMSZQn76SZ1k
+l9E+wuaAw61DnrzD2gkF3yfCNHr8xsrAgMBAAGjZDBiMB0GA1UdDgQWBBQpj7CB
UKauWN0/B4d2jAQxbmjTpDAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBtjAj
BgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQEN
BQADggEBAKjH9gYYRg+BLXqey9FGd7mR5hCC3lB7NfLEyJULlAoLgzdGieXfcwdX
Qe5clq6Wfk35v2VxVBg1j/oxZYZyJxFvWiuJ840FHgOb5kD7qTS7i735PCbAyCVf
uSTonQw0Ny8gnjoTijjO/Dh0O6j2wr2kIHORdC2H4Kbya7jyriqY/M/tiuolDyBc
4RWW52pmDdFi+DMvdroRMaE/1fzDiYRB4ongMNLm7fytGTg9Dakhy7o4OC+dmlGm
miUEQIACm2cWrfI1/tjwh+BpbXG91i8y8FPA4YZ2iNmF1133dJhjNx66LETOfJA5
9dZqO1SpbFk4NVpI4UYzfzMdpqw2KgM=
-----END CERTIFICATE-----
我想把这个和一个sha256的杂凑成这样

"certificate_hash": "8eb1ec754c1d04af13efa97da1be05c90f1342e5"
但是我不知道怎么做,我知道我的CA的十六进制,并试图检查转换的最终结果,但它不一样,你知道如何从这个CA获得sha256哈希吗

signed SHA-256 :
B2:62:DC:C4:F2:4A:AA:51:C9:5C:00:6C:0F:27:19:00:DE:42:3D:D3:8C:79:72:89:9A:8D:89:37:84:2E:1E:58

signed SHA-1 :
84:29:CA:F9:EE:3A:3C:CB:4A:08:42:66:0E:BA:2D:84:FC:B4:E5:51
你有的是证书。要计算指纹,首先需要将其从PEM表示解码为二进制。为此,需要删除页眉和页脚(以
----
开头),其余部分需要解码为。然后可以从得到的二进制文件计算SHA1或SHA-256哈希值

简而言之,在Linux命令行上:

$ grep -v ^- cert.pem  | base64 -d | sha256sum 
b262dcc4f24aaa51c95c006c0f271900de423dd38c7972899a8d8937842e1e58 -

$ grep -v ^- cert.pem  | base64 -d | sha1sum 
8429caf9ee3a3ccb4a0842660eba2d84fcb4e551  -

b262dc…
与您的问题中的
B2:62:DC:…
完全相同,只是不同而已

当然,也可以简单地使用
openssl x509

$ openssl x509 -in cert.pem -fingerprint -sha256
SHA256 Fingerprint=B2:62:DC:C4:F2:4A:AA:51:C9:5C:00:6C:0F:27:19:00:DE:42:3D:D3:8C:79:72:89:9A:8D:89:37:84:2E:1E:5

$ openssl x509 -in cert.pem -fingerprint -sha1
SHA1 Fingerprint=84:29:CA:F9:EE:3A:3C:CB:4A:08:42:66:0E:BA:2D:84:FC:B4:E5:51
你有的是证书。要计算指纹,首先需要将其从PEM表示解码为二进制。为此,需要删除页眉和页脚(以
----
开头),其余部分需要解码为。然后可以从得到的二进制文件计算SHA1或SHA-256哈希值

简而言之,在Linux命令行上:

$ grep -v ^- cert.pem  | base64 -d | sha256sum 
b262dcc4f24aaa51c95c006c0f271900de423dd38c7972899a8d8937842e1e58 -

$ grep -v ^- cert.pem  | base64 -d | sha1sum 
8429caf9ee3a3ccb4a0842660eba2d84fcb4e551  -

b262dc…
与您的问题中的
B2:62:DC:…
完全相同,只是不同而已

当然,也可以简单地使用
openssl x509

$ openssl x509 -in cert.pem -fingerprint -sha256
SHA256 Fingerprint=B2:62:DC:C4:F2:4A:AA:51:C9:5C:00:6C:0F:27:19:00:DE:42:3D:D3:8C:79:72:89:9A:8D:89:37:84:2E:1E:5

$ openssl x509 -in cert.pem -fingerprint -sha1
SHA1 Fingerprint=84:29:CA:F9:EE:3A:3C:CB:4A:08:42:66:0E:BA:2D:84:FC:B4:E5:51
要避免
openssl x509
同时输出不需要的PEM证书副本,请添加
-noout
要避免
openssl x509
同时输出不需要的PEM证书副本,请添加
-noout