A certificate's fingerprint is not part of the certificate, but it can be computed from it. Browsers tend to display it as if it were part of the certificate. A fingerprint is the MD5 digest of the der-encoded CertificateInfo, which is an ASN.1 type specified as part of the X.509 specification.

The weblogic.security.JDK111Certificate.getFingerprint() method calculates the fingerprint of a certificate, returning a byte array. Here is some code to demonstrate how to get the fingerprint of a certificate and print it out in hexadecimal:

import java.io.*;
import weblogic.security.X509;
import weblogic.security.JDK11Certificate;

public class fingerprint {

  private static char hexdigits[] = {
    '0','1','2','3','4','5','6','7',
    '8','9','A','B','C','D','E','F'};

  public static void main(String[] argv)
       throws Exception
  {
    InputStream is = null;
    JDK11Certificate cert = null;
    byte fp[];

    try {
      is = new FileInputStream(argv[0]);
    }
    catch (FileNotFoundException e)  {
      System.out.println("Can't find file " + argv[0]);
      e.printStackTrace();
    }

    try {
      cert = new JDK11Certificate(new X509(is));
    }
    catch (Exception e) {
      e.printStackTrace();
    }

    fp = cert.getFingerprint();
    System.out.print("Fingerprint:");
    for (int i = 0; i < fp.length; i++) {
      System.out.print(" "
                       + hexdigits[(fp[i] & 0xff) >> 4]
                       + hexdigits[(fp[i] & 0xf)]);
    }
    System.out.println("");
  } }