Get the signing certificate fingerprint

Third-party federation software may request the certificate fingerprint instead of the public key. Some examples are Microsoft ADFS2 and Zendesk.

The Ubisecure Key Tool, ubikt.jar, simplifies procedures on certificates and keys.

Step-by-step guide

To get the signing certificate

1. Run the following command from the command line:

   # cd /usr/local/ubisecure/ubilogin-sso/tools
   # java -jar ubikt.jar -ubilogin win32.config
   Version: 3
   Subject: CN=Ubilogin, DC=test
   Issuer: CN=Ubilogin, DC=test
   NotBefore: 2010-09-25T00:00:00Z
   NotAfter: 2021-09-25T00:00:00Z
   SerialNumber: d2e5d7d1e93b3c27b93623a3e39430f0
   SigAlg: SHA1withRSA
   SHA256: 91bdcd36430ccc23c19f664043952a62963bb8272ce342f4f53ae721c9d164ca
   SHA1: ebe288edc99f1eaa537aac5e90dc529de1527bc8
   MD5: aa3ae69b263becd5394edf7afba94ed0
   

2. The certificate fingerprint is shown with sha256, sha1 and md5 hash in the last three lines of output.

Related articles

• Page:
  Change SSO metadata certificate
• Page:
  How to add self-signed certificate to Java trust store on Windows
• Page:
  Change Virtu signing certificate
• Page:
  Update the SSO signing and encryption key
• Page:
  Increase the SSO metadata certificate private key size