Wednesday, December 30, 2020

Public Key - Thumbprint

 How to check a certificate's thumbprint?

https://www.samltool.com/fingerprint.php  [Calculate Fingerprint]

https://knowledge.digicert.com/solution/SO9840.html


This tool calculates the fingerprint of an X.509 public certificate. A fingerprint is a digest of the whole certificate. In this case we use the SHA1 algorithm. Sometimes applications ask for its fingerprint, which easier for work with, instead of requiring the X.509 public certificates (a long string).

=====================================================

Using public key fingerprints for key authentication

Further information: key authentication

When a public key is received over an untrusted channel, such as the Internet, the recipient often wishes to authenticate the public key. Fingerprints can help accomplish this, since their small size allows them to be passed over trusted channels where public keys won't easily fit.


For example, if Alice wishes to authenticate a public key as belonging to Bob, she can contact Bob over the phone or in person and ask him to read his fingerprint to her, or give her a scrap of paper with the fingerprint written down. Alice can then check that this trusted fingerprint matches the fingerprint of the public key. Exchanging and comparing values like this is much easier if the values are short fingerprints instead of long public keys.

No comments:

Post a Comment

Azure - Pipeline - Add Approver for Stage

https://learn.microsoft.com/en-us/azure/devops/pipelines/process/approvals?view=azure-devops&tabs=check-pass