Cloudflare web site finger printing

What is the name of the domain?

any

What is the error message?

none

What is the issue you’re encountering

does cloudflare provide a service htat provides a SHA256 fingerprint for a web site

What steps have you taken to resolve the issue?

searched you support site

What are the steps to reproduce the issue?

Web site SSL labs provides a service that displays SHA256 fingerprint for any web site

1 Like

Greetings,

Thank you for asking.

For domains using proxied :orange: hostnames, by default when we click on the more information about the SSL certificate for the particular visited Website in our Web browser, Cloudflare’s Universal SSL certificate does contain Fingerprints SHA-1 and SHA-256 if that’s the question? :thinking:

Example (sorry for :croatia: language - Otisci prstiju → finger prints):

slika

Is this the feedback information which you were looking for or rather looking for some kind of a way, button or interface and information if Cloudflare has the same or similar tool as SSL labs and if Cloudflare would be able to provide this feedback information for your zone, once you have activated Cloudflare for it? :thinking:

Hope this helps a bit.

I still do not understand how the fingerprint is applied. What cloudflare web site?

For example how would I find the SHA256 fingerprint of www.google.com

The SHA-256 fingerprint doesn’t belong to the website. The fingerprint is for a specific certificate used by the site. The fingerprint will change when the certificate is replaced during the course of its lifecycle.

In this era where short-lived (ninety day) certificates are common, their default renewal, which occurs at approximately two-thirds of their lifespan, will typically lead to a new fingerprint every sixty days.

More than one certificate can exist for the same name or set of names at any given time. Each certificate has its own fingerprint.

Depending on what you are hoping to accomplish, there may not be any value to knowing the fingerprint of a certificate. Unless you are familiar with the command line, the easiest way to view the fingerprint is from the certificate details your web browser. You should be able to find the exact process for your browser via a web search.

1 Like

The SHA256 does provide an individual web site value distinct to a web site.
SSLlabs.com provides the following information for www.google.com

Certificate #1: EC 256 bits (SHA256withRSA)

Server Key and Certificate #1
Subject www.google.com
Fingerprint SHA256: 96999ef19ae0e2250cdc320c8875c1b6e9e47667bdea9900f92bcbebc3b304ea
Pin SHA256: vl3jDYIyMyIGosDXGE0B3R12y8fS+60xAB8Ls32imA0=
Common names www.google.com
Alternative names www.google.com
Serial Number 64a67cada8dadb210a63e1e8575f7948
Valid from Tue, 30 Jul 2024 12:50:13 UTC
Valid until Tue, 22 Oct 2024 12:50:12 UTC (expires in 2 months and 2 days)
Key EC 256 bits

Does Cloudflare have a website that is capable of providing the same information?

As @epic.network said, the value is distinct for the SSL certificate. When Google changes their certificate, the SHA256 will change.

You can get the SHA256 for a certificate using…

openssl s_client -connect www.google.com:443 < /dev/null 2> /dev/null | openssl x509 -noout -fingerprint -sha256 | tr -d :
sha256 Fingerprint=96999EF19AE0E2250CDC320C8875C1B6E9E47667BDEA9900F92BCBEBC3B304EA
1 Like

So this means that Cloudflare does not provide any service that is capable of providing a SHA256 finger print for a web site.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.