diff --git a/scripts/ssh-hostkey.nse b/scripts/ssh-hostkey.nse
index eedf8721e..eb31b5e11 100644
--- a/scripts/ssh-hostkey.nse
+++ b/scripts/ssh-hostkey.nse
@@ -63,13 +63,13 @@ The script also includes a postrule that check for duplicate hosts using the gat
 -- <table>
 --   <elem key="key">ssh-dss AAAAB3NzaC1kc3MAAACBANraqxAILTygMTgFu/0snrJck8BkhOpBbN61DAZENgeulLMaJdmNFWZpvhLOJVXSqHt2TCrspbMyvpBH4Fnv7Kb+QBAhXyzeCNnOQ7OVBfqNzkfezoFrQJgOQZSEenP6sCVDqcW2j0KVumnYdPU7FGa8SLfNqA+hUOR2HSSluynFAAAAFQDWKNq4PVbpDA7UExE8JSHnWxv4AwAAAIAWEDdNu5mWfTz52IdxELNjsmn5FvKRmnhPqq/PrTkYqAADL5WYazg7POQZ4yI2nqTq++47ONDK87Wke3qbeIhMrV13Mrgf2JuCUSNqrfEmvzZ2l9x3QyZrj+bJRPRuhwYq8rFup01qaANJ0p4WS/7voNbRhh+l57FkJF+XAJRRTAAAAIEAts1Se+u+hV9ZedXopzfXv1I5ZOSONxZanM10wjM2GRWygCYsHqDM315swBPkzhmB73oBesnhDW3bq0dmW3wvk4gzQZ2E2SHhzVGjlgDpjEahlQ+XGpDZsvqqFGGGx8lvKYFUxBR+UkqMRGmjkHw5sK5ydO1n4R3XJ4FfQFqmoyU=</elem>
 --   <elem key="bits">1024</elem>
---   <elem key="fingerprint">18:78:2f:d3:be:71:78:a3:8e:58:4b:5a:83:bd:60:a8</elem>
+--   <elem key="fingerprint">18782fd3be7178a38e584b5a83bd60a8</elem>
 --   <elem key="algorithm">DSA</elem>
 -- </table>
 -- <table>
 --   <elem key="key">ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwVuv2gcr0maaKQ69VVIEv2ob4OxnuI64fkeOnCXD1lUx5tTA+vefXUWEMxgMuA7iX4irJHy2zer0NQ3Z3yJvr5scPgTYIaEOp5Uo/eGFG9Agpk5wE8CoF0e47iCAPHqzlmP2V7aNURLMODb3jVZuI07A2ZRrMGrD8d888E2ORVORv1rYeTYCqcMMoVFmX9l3gWEdk4yx3w5sD8v501Iuyd1v19mPfyhrI5E1E1nl/Xjp5N0/xP2GUBrdkDMxKaxqTPMie/f0dXBUPQQN697a5q+5lBRPhKYOtn6yQKCd9s1Q22nxn72Jmi1RzbMyYJ52FosDT755Qmb46GLrDMaZMQ==</elem>
 --   <elem key="bits">2048</elem>
---   <elem key="fingerprint">f0:58:ce:f4:aa:a4:59:1c:8e:dd:4d:07:44:c8:25:11</elem>
+--   <elem key="fingerprint">f058cef4aaa4591c8edd4d0744c82511</elem>
 --   <elem key="algorithm">RSA</elem>
 -- </table>
 --
@@ -80,7 +80,7 @@ The script also includes a postrule that check for duplicate hosts using the gat
 --     <elem>192.168.1.2</elem>
 --   </table>
 --   <table key="key">
---     <elem key="fingerprint">2c:22:75:60:4b:c3:3b:18:a2:97:2c:96:7e:28:dc:dd</elem>
+--     <elem key="fingerprint">2c2275604bc33b18a2972c967e28dcdd</elem>
 --     <elem key="bits">2048</elem>
 --     <elem key="algorithm">RSA</elem>
 --   </table>
@@ -91,7 +91,7 @@ The script also includes a postrule that check for duplicate hosts using the gat
 --     <elem>192.168.1.2</elem>
 --   </table>
 --   <table key="key">
---     <elem key="fingerprint">60:ac:4d:51:b1:cd:85:09:12:16:92:76:1d:5d:27:6e</elem>
+--     <elem key="fingerprint">60ac4d51b1cd8509121692761d5d276e</elem>
 --     <elem key="bits">1024</elem>
 --     <elem key="algorithm">DSA</elem>
 --   </table>
@@ -138,7 +138,7 @@ local function portaction(host, port)
   for _, key in ipairs( keys ) do
     add_key_to_registry( host, key )
     table.insert(output_tab, {
-      fingerprint=stdnse.tohex(key.fingerprint,{separator=":"}),
+      fingerprint=stdnse.tohex(key.fingerprint),
       algorithm=key.algorithm,
       bits=key.bits,
       key=key.full_key
diff --git a/scripts/ssl-known-key.nse b/scripts/ssl-known-key.nse
index 7f98f3d2c..decd6b8aa 100644
--- a/scripts/ssl-known-key.nse
+++ b/scripts/ssl-known-key.nse
@@ -33,7 +33,7 @@ include with Nmap) list.
 -- @xmloutput
 -- <table>
 --   <elem key="section">Little Black Box 0.1</elem>
---   <elem key="fingerprint">00:28:E7:D4:9C:FA:4A:A5:98:4F:E4:97:EB:73:48:56:07:87:E4:96</elem>
+--   <elem key="fingerprint">0028e7d49cfa4aa5984fe497eb7348560787e496</elem>
 -- </table>
 
 author = "Mak Kolybabi"
@@ -124,18 +124,20 @@ action = function(host, port)
 	if not status then
 		stdnse.print_debug(2, "sslcert.getCertificate error: %s", cert)
 	end
-	if not cert:digest("sha1") then
+	local fingerprint = cert:digest("sha1")
+	if not fingerprint then
 		stdnse.print_debug(2, "Certificate does not have a SHA-1 fingerprint.")
 		return
 	end
+	local fingerprint_fmt = stdnse.tohex(fingerprint, {separator=":", group=2}):upper()
 
 	-- Check SSL fingerprint against database.
-	local fingerprint = stdnse.tohex(cert:digest("sha1"), {separator=":", group=2}):upper()
-	local section = fingerprints[fingerprint]
+	local key = stdnse.tohex(fingerprint, {separator=":", group=2}):upper()
+	local section = fingerprints[key]
 	if not section then
-		stdnse.print_debug(2, "%s was not in the database.", fingerprint)
+		stdnse.print_debug(2, "%s was not in the database.", fingerprint_fmt)
 		return
 	end
 
-	return {section=section, fingerprint=fingerprint}, "Found in " .. section .. " (certificate hash: " .. fingerprint .. ")"
+	return {section=section, fingerprint=stdnse.tohex(fingerprint)}, "Found in " .. section .. " (certificate hash: " .. fingerprint_fmt  .. ")"
 end