The easiest way is to create a function to get the HASH with a simple online request.
The script to see the HASH in the browser (PHP):
<?php function get_hash($address) { function x509_fingerprint($pem,$hash='sha1') { $hash = in_array($hash,array('sha1','md5','sha256')) ? $hash: 'sha1'; $pem = preg_replace('/\-+BEGIN CERTIFICATE\-+/','',$pem); $pem = preg_replace('/\-+END CERTIFICATE\-+/','',$pem); $pem = str_replace( array("\n","\r"), '', trim($pem)); return strtoupper(hash($hash,base64_decode($pem))); } $g = stream_context_create (array("ssl" => array("capture_peer_cert" => true))); $r = fopen($address, "rb", false, $g); $cont = stream_context_get_params($r); openssl_x509_export($cont["options"]["ssl"]["peer_certificate"],$cert); // Echo's the certificate key. //return $cert; // Echo's the SHA256 from the certificate spited and with ID. //return 'SHA256 Fingerprint='.implode(":", str_split( x509_fingerprint($cert,$hash='sha256'), 2))."\n"; // Echo's the SHA256 KEY Only. return implode("", str_split( x509_fingerprint($cert,$hash='sha256'), 2))."\n"; } echo get_hash('https://pss.kalipso.support'); ?>
The script as a function and a HTTP Request (PHP):
HTTP Request with POST method
<?php function get_hash($address) { function x509_fingerprint($pem,$hash='sha1') { $hash = in_array($hash,array('sha1','md5','sha256')) ? $hash: 'sha1'; $pem = preg_replace('/\-+BEGIN CERTIFICATE\-+/','',$pem); $pem = preg_replace('/\-+END CERTIFICATE\-+/','',$pem); $pem = str_replace( array("\n","\r"), '', trim($pem)); return strtoupper(hash($hash,base64_decode($pem))); } $g = stream_context_create (array("ssl" => array("capture_peer_cert" => true))); $r = fopen($address, "rb", false, $g); $cont = stream_context_get_params($r); openssl_x509_export($cont["options"]["ssl"]["peer_certificate"],$cert); // Echo's the certificate key. //return $cert; // Echo's the SHA256 from the certificate spited and with ID. //return 'SHA256 Fingerprint='.implode(":", str_split( x509_fingerprint($cert,$hash='sha256'), 2))."\n"; // Echo's the SHA256 KEY Only. return implode("", str_split( x509_fingerprint($cert,$hash='sha256'), 2))."\n"; } if (@$_POST['Request'] == "GETHASH") { echo get_hash('https://pss.kalipso.support'); } ?>
After getting the HASH all the requests have to be made with the HASH as exemplified below. That will avoid the certificate pinning.