What's the value of a certificate fingerprint?
In a x509 digital certificate there is a "certificate fingerprint" section. It contains md5, sha1 and sha256. How are these obtained, and during the SSL connection, how are these values checked for?
The certificate fingerprint, as displayed in the Fingerprints section when looking at a certificate with Firefox or the thumbprint in IE is the hash of the entire certificate in DER form.
If your certificate is in PEM format, convert it to DER with OpenSSL:
openssl x509 -in cert.crt -outform DER -out cert.cer
Then, perform a SHA-1 hash on it (e.g. with sha1sum1):
sha1sum cert.cer
This should produce the same result as what you see in the browser. These values are not part of the certificate, rather they are computed from the certificate. One application of these fingerprints is to validate EV certificates. In this case, the SHA-1 fingerprint of the root EV CA certificate is hard-coded in the browser (note that (a) it's the fingerprint of the root cert and (b) it has to match exactly the trust anchors shipped with the version of the browser compiled with those values). Apart from this, these fingerprints are mostly used for identifying the certificates (for organising them). It's the actual public keys that are used for the verification of other certificates in the chain. The digest used for signing the certificate is actually not in the certificate (only the resulting signature). See certificate structure:
Certificate ::= SEQUENCE {
tbsCertificate TBSCertificate,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING }
TBSCertificate ::= SEQUENCE {
version [0] EXPLICIT Version DEFAULT v1,
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier,
issuer Name,
validity Validity,
subject Name,
...
In this case, the signature value is computed from the DER encoded tbsCertificate (i.e. its content). When the signature algorithm is SHA1 with RSA (for example), a SHA-1 digest is computed and then signed using the RSA private key of the issuer. This SHA-1 digest has nothing to do with the fingerprint has shown by openssl x509 -fingerprint or within the browser, since it's that of the tbsCertificate section only. There are also a couple of unrelated extensions that can make use of digests of the public keys this time: the Subject Key Identifier and the Authority Key Identifier. These are optional (and within the TBS content of the certificate).