search

awsdocs / iam-user-guide

Official documentation source for the AWS Identity and Access Management (IAM) User Guide
MIT No Attribution
324 stars 355 forks source link

Specify SHA-1 fingerprint #287

Closed jcchak closed 1 year ago

jcchak commented 1 year ago

In https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc_verify-thumbprint.html, the command

openssl x509 -in certificate.crt -fingerprint -noout

seems now to return by default the SHA-256 fingerprint, while the thumbprint/fingerprint needed by the service is SHA-1:

"Server certificate thumbprint is the hex-encoded SHA-1 hash value of the X.509 certificate used by the domain where the OpenID Connect provider makes its keys available".

SHA1 fingerprint can be easily obtained just specifying it in the command:

openssl x509 -in certificate.crt -fingerprint -sha1 -noout

sakitt commented 1 year ago

The command line statement has been updated. Thank you for taking the time to submit this issue and raising it to our attention.