Contents

1   Introduction

This document describes how to generate a fingerprint for a file.

Fingerprints, also known as digests, are calculated on the entire provided Certificate Management file.

1.1   Prerequisites

This section describes the prerequisites, which must be fulfilled before using the procedure.

1.1.1   Conditions

The following conditions must apply:

• The user has the System Security Administrator role.
• An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.

2   Procedure

To generate a fingerprint for a file, for example:

1. Navigate to the CertMCapabilities managed object:

   >dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,CertM=1,CertMCapabilities=1

2. Show attribute fingerprintSupport:

   (CertMCapabilities=1)>show fingerprintSupport

   The output shows the algorithm used for calculating the fingerprint, for example:

   fingerprintSupport=SHA_224

   Here, SHA_224 denotes the algorithm in use.

   Note:  

   SHA_224 corresponds to the openssl command-line option -sha224 in the next step.

   
   
3. Using a command shell, manually generate the fingerprint for a file using command openssl with the algorithm specified in attribute fingerprintSupport as an input option. For example:

   shell$ openssl dgst -c -hex -sha224 node06stNodeCredential1.p12

   Here, the algorithm used is -sha224.

   The output reflects the algorithm used, for example:

   SHA224(node06stNodeCredential1.p12)= ba:41:ac:4f:b3:00:10:98:28:47:36:b1:eb:d9:66:33:69:05:7d:c2

   Note:  

   The extra space character between = and fingerprint ba:41:ac:4f:b3:00:10:98:28:47:36:b1:eb:d9:66:33:69:05:7d:c2 does not belong to the fingerprint itself.