How to Retrieve an SSL Thumbprint in Windows using MMC

Retrieve SSL Thumbprint

MMC is a component of Windows 2000 and its successors that provides system administrators and advanced users an interface for configuring and monitoring the system. You use Microsoft Management Console (MMC) to create, save and open administrative tools, called consoles, which manage the hardware, software, and network components of your Microsoft Windows operating system. MMC runs on all client operating systems that are currently supported. You may want to see the following articles too: How to request a certificate signing request in Windows using Microsoft Management Console, Windows Admin Center:How to set up WAC, and what are the components needed to create a certificate signing request

A certificate thumbprint is a hexadecimal string that uniquely identifies a certificate. A thumbprint is calculated from the content of the certificate using a thumbprint algorithm. CES accepts Secure Hash Algorithm 1 (SHA-1) thumbprints in the 40-digit hexadecimal string form without spaces.

When you need to specify claims found in a certificate for client or server authentication, you may need to submit a Thumbprint claim.
– Typical example is when installing Windows Admin Center where the Thumbprint is required.
– Note: The SSL Thumbprint can also be retrieved using PowerShell commands. See the following link for more information.

Fire up an MMC Console as shown in the image below

Windows MMC

This will open up the Console Root window as shown below.

SSL certificate

Next, click on file,
– Click on Add/Remove Snap-ins as shown in the image below.

In the Console Root window’s left pane, click Certificates (Local Computer).
– Click on Add and
– Click on ok.

This will open up the Certificate Snap-in Window.

- Click the Personal folder to expand it.
- Click the Certificates folder to expand it.

In the list of certificates, note the Intended Purposes heading. Find a certificate that lists Client Authentication as an intended purpose.
- Double-click the certificate.
- In the Certificate dialog box, click the Details tab.
- Scroll through the list of fields and click Thumbprint.
- Copy the hexadecimal characters from the box. 

If this thumbprint is used in code for the X509 FindType, remove the spaces between the hexadecimal numbers. For example, the thumbprint “a9 09 50 xxxxxxxxxxxxx2 77 a3 2a 7b” should be specified as a90950xxxxxxxa32a7b” in code. In our case this is fine.

Furthermore, I hope you found this blog post helpful. Please let me know in the comment session if you have any questions.

Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x