diff --git a/src/ssl/ffi.rs b/src/ssl/ffi.rs
index d1a971c8e4cb239f0330b9353f13b3aeb6a21805..2e21a24b330179dc848ef7abd7e4b571d1191783 100755
--- a/src/ssl/ffi.rs
+++ b/src/ssl/ffi.rs
@@ -1,6 +1,7 @@
 #![allow(non_camel_case_types)]
 
-use libc::{c_int, c_void, c_long, c_ulong, c_char};
+use libc::{c_int, c_void, c_long, c_ulong, c_char, c_uint};
+use crypto::hash::{EVP_MD};
 
 pub type SSL_CTX = c_void;
 pub type SSL_METHOD = c_void;
@@ -145,6 +146,7 @@ extern "C" {
     pub fn X509_STORE_CTX_get_error(ctx: *mut X509_STORE_CTX) -> c_int;
 
     pub fn X509_get_subject_name(x: *mut X509) -> *mut X509_NAME;
+    pub fn X509_digest(x: *mut X509, digest: *const EVP_MD, buf: *mut c_char, len: *mut c_uint) -> c_int;
 
     pub fn SSL_new(ctx: *mut SSL_CTX) -> *mut SSL;
     pub fn SSL_free(ssl: *mut SSL);
diff --git a/src/ssl/mod.rs b/src/ssl/mod.rs
index 31551109fb2ecedebfd75e314363efb50971ef0e..785b8dfc5ad304de8d2b8851da7c5245881628f1 100644
--- a/src/ssl/mod.rs
+++ b/src/ssl/mod.rs
@@ -1,4 +1,4 @@
-use libc::{c_int, c_void, c_char};
+use libc::{c_int, c_uint, c_void, c_char};
 use std::io::{IoResult, IoError, EndOfFile, Stream, Reader, Writer};
 use std::mem;
 use std::ptr;
@@ -6,6 +6,7 @@ use std::rt::mutex::NativeMutex;
 use std::string;
 use sync::one::{Once, ONCE_INIT};
 
+use crypto::hash::{HashType, evpmd};
 use ssl::error::{SslError, SslSessionClosed, StreamError};
 
 pub mod error;
@@ -230,6 +231,29 @@ impl<'ctx> X509<'ctx> {
         let name = unsafe { ffi::X509_get_subject_name(self.x509) };
         X509Name { x509: self, name: name }
     }
+
+    /// Returns certificate fingerprint calculated using provided hash
+    pub fn fingerprint(&self, hash_type: HashType) -> Option<Vec<u8>> {
+        let (evp, len) = evpmd(hash_type);
+        let v: Vec<u8> = Vec::from_elem(len, 0);
+        let act_len: c_uint = 0;
+        let res = unsafe {
+            ffi::X509_digest(self.x509, evp, mem::transmute(v.as_ptr()),
+                             mem::transmute(&act_len))
+        };
+
+        match res {
+            0 => None,
+            _ => {
+                let act_len = act_len as uint;
+                match len.cmp(&act_len) {
+                    Greater => None,
+                    Equal => Some(v),
+                    Less => fail!("Fingerprint buffer was corrupted!")
+                }
+            }
+        }
+    }
 }
 
 #[allow(dead_code)]