Certificate Fingerprint Extractor
This tool extract SHA-256 Certificate Fingerprint from hostname or certificate (.crt, .der or .pem) file.
In order to implement Certificate Pinning during an SSL connection, a certificate fingerprint needs to be provided.
Usage examples:
$ peer-certificate-extractor -n, --hostname <hostname> (e.g., google.com, facebook.com)
or
$ peer-certificate-extractor -c, --certificate <certificate> (e.g., cert.der, cert.crt, cert.pem)
Example output:
Fingerprints from google.com certificates:
sha256/We74o5ME3USRtL6+B2UhXnwY9FR91QPJMYDtUNk6tEc=
sha256/zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=
sha256/hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=
Certificate Pinning with OkHttp
Enabling okhttp certificate pinning (Example in Kotlin):
...
val certificatePinner = CertificatePinner.Builder()
.add("google.com", "sha256/We74o5ME3USRtL6+B2UhXnwY9FR91QPJMYDtUNk6tEc=")
.add("google.com", "sha256/zCTnfLwLKbS9S2sbp+uFz4KZOocFvXxkV06Ce9O5M2w=")
.add("google.com", "sha256/hxqRlPTu1bMS/0DITB1SSu0vd4u/8l8TjPgfaAp63Gc=")
.build()
val client = OkHttpClient.Builder()
.certificatePinner(certificatePinner)
.build()
...
13 Dec 15, 2022
16 Jun 26, 2022
4 Apr 12, 2022
597 Dec 23, 2022
57 Oct 6, 2022
59 Jul 22, 2022
4 Dec 21, 2021
8 Nov 29, 2022
62 Dec 5, 2022
231 Dec 29, 2022
2.4k Dec 20, 2022
97 Dec 23, 2022
4.2k Jan 4, 2023
786 Jan 6, 2023
446 Jan 7, 2023
1.5k Jan 8, 2023
1.8k Jan 5, 2023
1k Dec 20, 2022
2k Dec 26, 2022
4.3k Jan 2, 2023
2 Aug 29, 2021
137 Dec 20, 2022
0 Jan 7, 2022
3 Aug 2, 2022
4 Dec 12, 2021
603 Jan 1, 2023
50 Aug 8, 2022
1.6k Nov 25, 2022