A certificate's fingerprint is not part of the certificate, but it can be computed from it. Browsers tend to display it as if it were part of the certificate. A fingerprint is the MD5 digest of the der-encoded CertificateInfo, which is an ASN.1 type specified as part of the X.509 specification.

The weblogic.security.JDK111Certificate.getFingerprint() method calculates the fingerprint of a certificate, returning a byte array. Here is some code to demonstrate how to get the fingerprint of a certificate and print it out in hexadecimal:

import java.io.*;
import weblogic.security.X509;
import weblogic.security.JDK11Certificate;

public class fingerprint {

  private static char hexdigits[] = {

  public static void main(String[] argv)
       throws Exception
    InputStream is = null;
    JDK11Certificate cert = null;
    byte fp[];

    try {
      is = new FileInputStream(argv[0]);
    catch (FileNotFoundException e)  {
      System.out.println("Can't find file " + argv[0]);

    try {
      cert = new JDK11Certificate(new X509(is));
    catch (Exception e) {

    fp = cert.getFingerprint();
    for (int i = 0; i < fp.length; i++) {
      System.out.print(" "
                       + hexdigits[(fp[i] & 0xff) >> 4]
                       + hexdigits[(fp[i] & 0xf)]);
  } }