Extract SHA256 certificate thumbprint in Nginx
August 07, 2023 10:26PM
I have used Nginx as a proxy infront of my authorization server (IDP) which handles mtls. We have a requirement to extract SHA256 fingerprint from client certificate in Nginx and forward it to the underlying auth server endpoint.
Nginx variable $ssl_client_fingerprint returns the SHA1 fingerprint of the client certificate. Is there a way to extract SHA256 fingerprint of the client cert?
Re: Extract SHA256 certificate thumbprint in Nginx
December 15, 2023 02:18AM
The code which performs this digest is located in src/event/ngx_event_openssl.c - This is presently hard-coded to return a SHA1 fingerprint.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 154
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready