Forum Discussion

Altostratus

Nov 27, 2012

Generate SHA1 thumbprint of incoming SSL cert

Greetings! I have a request from a developer (below). I was hoping one of you could please help me come up with a solution? --------------- The F5 needs to generate an SHA1 thumbprint of th...

Cirrostratus

Nov 28, 2012

X509::hash will return the md5 hash of the binary cert. sha1 will return the sha1 hash.

Also, a client can resume an existing SSL session and not present the client cert in a new handshake for every TCP connection or HTTP request. TMM automatically stores the cert for the life of the SSL session and makes it accessible using [SSL::cert 0]. So it's better to get the value on each HTTP request instead of storing it in a local variable which is specific to that one TCP connection.

Long story short...the last example I posted should work for your scenario.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Generate SHA1 thumbprint of incoming SSL cert

Jeff - May 2026 Featured F5er

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

certitcate error

Layered ASM for APM login page protection

migrate from serie I to R. Cluster LTM-GTM

APM URL encoding Hardening?

Trial License for F5 virtual edition in eve-ng

Related Content

Generic iRule based on datagroup parsing

Thumbprint of the client ssl certificate

F5 rSeries: Next-Generation Fully Automatable Hardware

F5 VELOS: A Next-Generation Fully Automatable Platform

SSL Orchestrator Advanced Use Cases: Detecting Generative AI

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS