Thank you Erik and Wim, that's exactly the information I needed! On Tue, Apr 19, 2011 at 2:27 PM, Wim Lewis <w...@omnigroup.com> wrote:
> > On 19 Apr 2011, at 10:55 AM, Matt C wrote: > > Should I be hashing the entire contents of the PEM file, only part, or is > there additional data I need to add? > > The fingerprint that openssl computes is the hash of the entire certificate > in DER format. You should be able to recover the DER-formatted certificate > by base64-decoding the block of text between the BEGIN/END lines in the > PEM-formatted certifcate. > > There are other hashes of various parts of the certificate, used for other > things, but if you're trying to duplicate what openssl -fingerprint is > doing, that's how. > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >