#16 Implement Certificate Fingerprinting

Open
opened 4 years ago by stan · 1 comments

We should have the VEN print their own certificate's fingerprint on startup (if a certificate is provided), which can be shared with the VTN to identify the VEN.

From the OpenADR documentation:

import ssl, hashlib
bin_cert = ssl.PEM_cert_to_DER_cert( open('client_cert.pem').read() )
sha_hash = hashlib.sha256(bin_cert).digest()
print ':'.join( '%02X' % ord(c) for c in sha_hash[-10:])
We should have the VEN print their own certificate's fingerprint on startup (if a certificate is provided), which can be shared with the VTN to identify the VEN. From the OpenADR documentation: ```python import ssl, hashlib bin_cert = ssl.PEM_cert_to_DER_cert( open('client_cert.pem').read() ) sha_hash = hashlib.sha256(bin_cert).digest() print ':'.join( '%02X' % ord(c) for c in sha_hash[-10:]) ```
Stan Janssen commented 4 years ago
Owner

This also means that the opposing party should be able to use the certificate fingerprint (instead of the certificate itself) to authenticate the incoming messages.

This also means that the opposing party should be able to use the certificate fingerprint (instead of the certificate itself) to authenticate the incoming messages.
Sign in to join this conversation.
No Label
No Milestone
No assignee
1 Participants
Loading...
Cancel
Save
There is no content yet.