问题
Is it possible to use jsrsasign to extract the fingerprint of an x.509 certficate, similar to what can be achieved using this openssl command:
openssl x509 -sha1 -in cert.pem -noout -fingerprint - Ref: openssl x.509 doc
I'm reading my X509 like so:
var c = new X509();
c.readCertPEM(cert);
\\ how to get the fingerprint?
Ref: jsrsasign x.509 apidoc
回答1:
You just need to extract the string from between the "-----BEGIN CERTIFICATE-----" header and "-----END CERTIFICATE----- " footer, base64 decode it and compute SHA1 hash of decoded data.
回答2:
Thank you for using jsrsasign. You can write like this:
hex = KEYUTIL.getHexFromPEM(certPEMstring);
fingerprint = KJUR.crypto.Util.hashHex(hex, 'sha256');
You can also find a fingerprint example here: http://kjur.github.io/jsrsasign/tool_certview.html
来源:https://stackoverflow.com/questions/22811640/jsrsasign-how-to-extract-an-x-509-certificates-fingerprint