How to Retrieve an SSL Thumbprint in Windows using PowerShell

A certificate thumbprint, also called a fingerprint, is a hash of a certificate, computed over all certificate data and its signature. Thumbprints are used as unique identifiers for certificates, in applications when making trust decisions, in configuration files, and displayed in interfaces. Due to the variety of uses for thumbprints, it is not immediately clear what, if any, their security needs are. Thumbprints are usually implemented with cryptographic hash functions and used in security applications, in some cases as an implementation technique and not as a core security mechanism. You may want to see the following articles too: How to request a certificate signing request in Windows using Microsoft Management Console, and Windows Admin Center: How to set up WAC.

When you need to specify claims found in a certificate for client or server authentication, you may need to submit a Thumbprint claim. This can be performed also by using MMC. 

From the Start Menu, Search for PowerShell
– Right-click on it and select run as an Administrator

This will open up the Windows PowerShell. Run the follow cmdlets below.

Get-ChildItem -path cert:LocalMachine\My 

In the screenshot above, you will be able to see the thumbprint, copy your desired thumbprint and paste wherever you wish to make use of it.

I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.

Notify of
Inline Feedbacks
View all comments
Kevin W Black
Kevin W Black
3 months ago

Get-ChildItem -Path Cert:LocalMachine\MY

You were missing the “\” before MY

Last edited 3 months ago by Kevin W Black
27 days ago

Re:thumbprint. If an SSL certificate has a path of 3 certificates, is the thumbprint the same on each certificate? Eg: DigiCert , DigiCert Cloud Services CA-1, Outlook.com
Should the thumbprint on each of these be the same?

Would love your thoughts, please comment.x