How to get SHA256 certificate thumbprint?

Question

How can I get the SHA-256 thumbprint of a certificate?

SHA-256 certificates have two thumbprint, and I am able to retrieve the primary thumbprint, but not SHA-256.

Answer 1

If you want to get a certificate's SHA-256 thumbprint, you have to do some manual work. The built-in Thumbprint property is SHA-1 only.

You have to use a SHA-256 class and compute the hash over the certificate's content:

using System;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

namespace MyNamespace {
    class MyClass {
        public static String GetSha2Thumbprint(X509Certificate2 cert) {
            Byte[] hashBytes;
            using (var hasher = new SHA256Managed()) {
                hashBytes = hasher.ComputeHash(cert.RawData);
            }
            return hashBytes.Aggregate(String.Empty, (str, hashByte) => str + hashByte.ToString("x2"));
        }
    }
}

And you convert this code to an extension method if necessary.