[CrossPost] SHA1 Deprecation Policy


Update: This page has been removed. For the most up-to-date information on the Microsoft SHA1 deprecation policy please see https://aka.ms/sha1

Comments (135)

  1. Anonymous says:

    Hi Amerk,

    Some of my Issuing CA certificates have the “Signature Algorithm” set to SHA1RSA. After some investigation I found that this most likely means SHA1 for the digest and the RSA algorithm for encryption. RSA doesn’t appear to be mentioned in the NIST Special Publication you linked. Should I assume that the SHA1RSA certificates will also need to be deprecated, or only certificates that specifically say ‘Sha1’?

    Cheers!

  2. Anonymous says:

    Hi Amerk, First of all I wish you a very happy new year! I’ve heard that Mozilla’s about to remove the following root CA certificate from Firefox (from version 28):
    CN = GTE CyberTrust Global Root
    OU = “GTE CyberTrust Solutions, Inc.”
    O = GTE Corporation
    C = US
    SHA1: 97:81:79:50:D8:1C:96:70:CC:34:D8:09:CF:79:44:31:36:7E:F4:74

    Could you please tell me what Microsoft’s position on that matter is? Thank you very much in advance.

  3. Anonymous says:

    > After some investigation I found that this most likely means SHA1 for Digest and RSA Algorithm for encryption.
    SHA1 is the hashing algorithm. SHA1RSA is the signature algorithm. When you compute a hash, you get a SHA1 value (a 20-byte hash value). When you take the RSA private key and encrypt (sign) the hash with the key, you get the SHA1RSA signature.

  4. Yuhong Bao says:

    Any timeline for a hotfix to get KMCS on Vista and Win7 to recognize SHA2 certificates?

  5. Oleg.Andr says:

    Following on my and DigitalExegete's comments about the painful experience with SHA256 signing on older systems (and ABSOLUTELY NO official information about this), does that mean that if I want to install on Windows XP (or Vista) I must:
    1) install the relevant KB update fixing system recognition of SHA2 (which will be signed with SHA1, hopefully),
    2) proceed with product installation.
    In case step 1 requires a reboot to function, our install experience is f***ed.

  6. Nick Lowe says:

    In line with Google’s expedited SHA-1 deprecation plan which the CAs are reacting to, please can we have an update about KMCS with Windows Vista and Windows 7? SHA-1 based certificates will soon be unavailable.

    Additionally, please can you push out KB 938397 as a critical security update to all Windows Server 2003 clients?

  7. DigitalExegete says:

    I have a question, about Windows7/8 Code signing. In October, I purchased an SHA-2 Certificate for code signing, since SHA-1’s future seemed bleak. My question is that if you are deprecating SHA-1, are you also deprecating Windows Vista/7? I can’t code sign (from what I’ve tried to do) for Windows 7–I just get an unrecognized certificate error. Reading MSDN pages & OSR Forums seem to confirm that SHA-2 is only Win 8/8.1.

    I do understand that this may be more suited towards MSDN, but deploying to mixed environment of Win7/8 is an issue if I can’t use SHA-2 on my Win7 Machines, and you are basically announcing the end of SHA-1 support.

    Thanks for the article!

  8. Anonymous says:

    On another MS publication [ http://msdn.microsoft.com/en-us/library/cc433493(v=exchg.80).aspx ] you are depending upon something called “son-of-sha-1”. Will this version of sha-1 be around for a while or will it be changed soon as well?

  9. Digvijay S Rajawat says:

    Hi, I have a question on CA. I have 4 DCs installed in my client environment with no CA server managed; 2 DCs are in Datacenter 1 and the other 2 DCs are in Datacenter 2. Now the problem is that my client has a local computer certificate which will expire in less than 30 days.

    I have no idea whether it will renew automatically or I have to renew it manually.

    The certificate is on the local server, i.e. if the machine name is “aaa” then the certificate name is aaa.domain.com with intended purpose Server Authentication, and this will expire soon.

    I would appreciate it if you reply ASAP.

  10. hassan sayed issa20014 says:

    thanks

  11. DigitalExegete says:

    Sorry–SHA-2 should be SHA-256

  12. Anonymous says:

    I was inspired by all the answers and replies here, along with different discussions, to come up with my own white paper describing the process.

    There are many sides to the SHA-2 upgrade story. You can do a side-by-side migration to a different Root CA, or you can upgrade your existing CA servers.

    There is a white paper describing each approach and how it will affect your applications:

    http://ammarhasayen.com/2015/02/04/what-makes-a-ca-capable-of-issuing-certificates-that-uses-sha-2/

  13. Anonymous says:

    SHA2 certs for Authenticode signing on Vista requires
    https://support.microsoft.com/en-us/kb/2763674 (works for user mode only not for KMCS)

  14. Yuhong Bao says:

    And note that the SHA256 hotfix for Server 2003 is included in MS13-095 also released today because they removed the GDR branch from all new XP/Server 2003 updates 6 months ago.

  15. Curious Observer says:

    The SSL Certificate section references 2017; this appears to be a typo and inconsistent with the rest of the deprecation policy.

  16. Amerk [MSFT] says:

    Curious Observer,

    The text is correct. The policy is a bit confusing but necessary. We want to protect both scenarios as soon as possible but the SSL ecosystem will take longer to transition. That’s why we have the split schedule.

  17. Yuhong Bao says:

    Now Office 2010 SP2 and 2013 support SHA2 certificates for VBA digital signatures, but what about 2007?

  18. Ramo says:

    How will this affect Root CAs that are self signed with SHA1? Most roots are signed with this algorithm.

  19. töki says:

    Hi!

    Do Windows XP and Server 2003 support SSL client certificates as well? Am I able to connect to a web server with an SHA2 cert using my SHA2 SSL client cert? … With XP SP3 of course.

    Thanks!

  20. user says:

    Does this mean that SHA1 support will eventually be dropped on client computers? We use SHA1 as the hash algorithm for certificates deployed on RADIUS servers and some web servers in our organisation. Does that mean that starting in 2016 (or 2017) clients will not be able to authenticate to RADIUS servers or access HTTPS resources that have SHA1 certificates?

    regards

  21. Mat says:

    A few things in here are unclear to me, could you please elaborate on them:

    1. By "Windows will stop accepting SHA1 code signing certificates without time stamps" do you actually mean "Windows will stop accepting code signed by a SHA1 certificate where the signature does not include a timestamp"? I am asking because I am not aware of a way to add a timestamp to a certificate.

    2. At one point you write "CAs must stop issuing new SHA1 […] Code Signing end-entity certificates by 1 January 2016" and below "Windows will stop accepting SHA1 code signing certificates […] after 1 January 2016". What is true here? Is every SHA1 certificate going to be rejected after that date or only newly issued ones?

    3. Does this really only affect end-entity certificates and not root and intermediate certificates?

    4. What about other certificate uses not mentioned here, like document signatures on a PDF or S/MIME signed e-mails? Will Windows still consider SHA1 certificates valid for those usages after January 2016/2017?

    regards

  22. Matt says:

    What does this mean for CA certificates: root (as mentioned by Ramo), intermediate and issuing? Will they be able to continue with SHA1 certificates or will they need to be replaced with SHA2 certificates?

  23. Alex Bg says:

    This is a good decision. Better to go to SHA-2 at least, because SHA-1 can even be reverse-engineered, since SHA-1 has no drops in the algorithm of the valued hash information in every cycle. That is funny because this algorithm was designed by the US NSA, and has such a security hole. 🙂

  24. Amerk [MSFT] says:

    @Ramo

    The SHA1 deprecation policy does not impact SHA1 root certificates, because Windows relies on other means to validate root certificates besides the signature. But all root CAs are expected to switch to using SHA2 to sign any subordinate CA certificates, CRLs, etc.

  25. Amerk [MSFT] says:

    @ Toki,

    I recommend some excellent Windows PKI blog posts for your questions about Windows and SHA2 support. Please see blogs.technet.com/…/sha2-and-windows.aspx and blogs.technet.com/…/common-questions-about-sha2-and-windows.aspx.

  26. Amerk [MSFT] says:

    @ User,

    As I understand your questions, they apply to enterprise-managed PKIs. This policy does not apply to enterprise PKIs where the root CA is managed by the enterprise. Enterprise admins can enable the strict SHA2 policy via Group Policy on their enterprise PKI.

    However, in the case where the CA is a subordinate under a CA distributed in the Microsoft Root Cert Program, the policy will apply. If your question is whether the RADIUS server supports SHA2, I don’t know the answer. SHA2 certificates should be supported on Windows Server 2008 or later, but you might contact your RADIUS server vendor.

  27. Amerk [MSFT] says:

    @ Matt

    A few things in here are unclear to me, could you please elaborate on them:

    1. By "Windows will stop accepting SHA1 code signing certificates without time stamps" do you actually mean "Windows will stop accepting code signed by a SHA1 certificate where the signature does not include a timestamp"? I am asking because I am not aware of a way to add a timestamp to a certificate.

    Answer: Yes, we mean what you say. Apologies for the imprecise language.

    2. At one point you write "CAs must stop issuing new SHA1 […] Code Signing end-entity certificates by 1 January 2016" and below "Windows will stop accepting SHA1 code signing certificates […] after 1 January 2016". What is true here? Is every SHA1 certificate going to be rejected after that date or only newly issued ones?

    Answer: You should read “For code signing certificates, Windows will stop accepting SHA1 code signing certificates without time stamps after 1 January 2016” as “For code signing certificates, Windows will stop accepting SHA1 code signing certificates without time stamps *by* 1 January 2016”. We make no warranties on the exact date that Microsoft will stop accepting SHA1 code signing certs, only that we expect it on or after 1 Jan 2016. Sorry for the inconsistency.

    3. Does this really only affect end-entity certificates and not root and intermediate certificates?

    Answer: The policy affects intermediate and end-entity certificates – both intermediates and end-entity certs should transition to SHA2 before the deadlines. Root certs aren’t validated by the SHA1 signature so they are unaffected by this policy at this time.

    4. What about other certificate uses not mentioned here, like document signatures on a PDF or S/MIME signed e-mails? Will Windows still consider SHA1 certificates valid for those usages after January 2016/2017?

    Answer: SHA1 S/MIME and SHA1 document signing may be vulnerable at the same time as code signing and SSL; however, they are smaller targets than code signing and SSL. This SHA1 deprecation policy focuses on SSL and code signing certs, but the policy will apply to all certificates issued under the root hierarchy, including S/MIME. We expect all certificate types excluding code signing and time stamping to follow the SSL deprecation schedule.
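
The rules stated in the answers above (the hash on a root is excluded, intermediates and end-entity certificates must move to SHA2, 1 January 2016 for code signing and 1 January 2017 for SSL and everything else) can be turned into a store inventory. The PowerShell below is an added example, not code from the original post or from Microsoft. Its assumptions are the store list, the Subject-equals-Issuer root test and the EKU-based usage classification; the SignatureAlgorithm friendly name it reads is the digest-plus-signature pair (sha1RSA, sha256RSA) that comment 3 describes.

```powershell
# Added example (not from the original post). Inventories the local machine's
# certificate stores and applies the rules Amerk states in this thread:
#   - the hash on a self-signed root certificate is excluded from the policy,
#   - intermediate and end-entity certificates must be SHA2-signed,
#   - quoted deadlines: 1 Jan 2016 (code signing), 1 Jan 2017 (SSL and all other types).
# Store names and EKU OIDs are standard Windows / X.509 values; the store list and
# the simple Subject-equals-Issuer root test are this example's own assumptions.

$CodeSigningDeadline = [datetime]'2016-01-01'
$SslDeadline         = [datetime]'2017-01-01'
$EkuServerAuth = '1.3.6.1.5.5.7.3.1'   # id-kp-serverAuth
$EkuCodeSign   = '1.3.6.1.5.5.7.3.3'   # id-kp-codeSigning

function Get-EkuOidList {
    # Returns the certificate's Enhanced Key Usage OIDs (empty list = no EKU extension).
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $oids = New-Object 'System.Collections.Generic.List[string]'
    foreach ($ext in $Cert.Extensions) {
        if ($ext -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]) {
            foreach ($oid in $ext.EnhancedKeyUsages) { $oids.Add($oid.Value) }
        }
    }
    return ,$oids   # leading comma stops PowerShell from unrolling an empty list into $null
}

function Get-UsageClass {
    param([System.Collections.Generic.List[string]]$Ekus)
    if ($Ekus.Count -eq 0)              { return 'any' }   # no EKU: valid for every purpose
    if ($Ekus.Contains($EkuCodeSign))   { return 'code-signing' }
    if ($Ekus.Contains($EkuServerAuth)) { return 'ssl' }
    return 'other'
}

function Test-WeakSignature {
    # SignatureAlgorithm names the digest+signature pair, e.g. sha1RSA (shown as
    # "SHA1RSA" in the certificate viewer) or sha256RSA. md5* pairs are weaker still.
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $name = $Cert.SignatureAlgorithm.FriendlyName
    return (($name -like 'sha1*') -or ($name -like 'md5*'))
}

$stores = 'My', 'CA', 'Root', 'AuthRoot'   # personal, intermediate, trusted root, third-party root
$findings = foreach ($store in $stores) {
    foreach ($cert in Get-ChildItem -Path "Cert:\LocalMachine\$store") {
        $isSelfSigned = ($cert.Subject -eq $cert.Issuer)   # cheap root test, not a signature check
        $usage = Get-UsageClass -Ekus (Get-EkuOidList -Cert $cert)
        # Per the thread, every type other than code signing follows the SSL schedule.
        $deadline = if ($usage -eq 'code-signing') { $CodeSigningDeadline } else { $SslDeadline }

        if ($isSelfSigned) {
            $verdict = 'root: its own signature hash is excluded from the policy'
        } elseif (-not (Test-WeakSignature -Cert $cert)) {
            $verdict = 'ok: SHA2 signature'
        } elseif ($cert.NotAfter -lt $deadline) {
            $verdict = 'SHA1 but expires before the deadline'
        } else {
            $verdict = 'ACTION: reissue with SHA2 before ' + $deadline.ToString('yyyy-MM-dd')
        }

        [pscustomobject]@{
            Store      = $store
            Subject    = $cert.Subject
            SigAlg     = $cert.SignatureAlgorithm.FriendlyName
            SelfSigned = $isSelfSigned
            Usage      = $usage
            NotAfter   = $cert.NotAfter
            Verdict    = $verdict
        }
    }
}

$findings | Sort-Object Store, Subject | Format-Table -AutoSize
```

Run it in an elevated Windows PowerShell session. Rows marked ACTION are non-root certificates whose SHA1 signature outlives the thread's deadline for their usage. The enterprise-PKI exemption Amerk mentions is not modelled: if the issuing root is your own, those rows are still worth knowing about, but they are governed by your Group Policy setting rather than by the public-root policy.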

  28. Alex Bg says:

    SHA-3 is on the way. Why? We need a fast and efficient hardware-accelerated solution to calculate secure hashes, because all future IT security solutions will use hash checks routinely, even for big files and streams like DRM video. In the year 2016 SHA-2 is expected to be obsolete as inefficient in terms of "green energy saving".

  29. Man Ho says:

    Hi,

    When you said the SHA1 deprecation policy does not impact SHA1 root certificates, do you mean that CAs who are already in the root certificate program do not need to re-submit a SHA2 root certificate for replacement in the program?

    Regarding Windows stopping accepting SHA1 end-entity certificates by 1 January 2017 for SSL certificates, there seems to be a conflict with the CA/Browser Forum policy saying that the maximum validity period of SSL certificates should be 39 months. The deadline implies that CAs must stop issuing SHA1 end-entity certificates with a 3-year validity period now. I don't think many CAs are able to switch to issuing SHA2 end-entity certificates immediately. Is it possible to reconsider the deadline?

  30. Mat says:

    Another question came to my mind: What about revocation status?

    Do certificates signing CRLs and OCSP responses have to be SHA-2 certificates?

    Do the CRLs and OCSP responses themselves have to be signed with SHA-2?

  31. Amerk [MSFT] says:

    Yes, they have to be SHA2

  32. Robin Lin says:

    Hi,

    We have some customers using certificates issued from an untrusted root CA.

    My questions are:

    1. The SHA1 certificates are used with applications developed with CAPI or CNG. Does the SHA1 deprecation policy also affect the certificates used in those applications?

    2. What will happen when the SHA1 certificate is displayed in the Windows certificate viewer?

    3. Will the SHA1 deprecation policy also affect an end-entity certificate which is issued from a root CA which is not a Windows trusted root CA? (The root certificate was manually imported into the Windows root certificate store, not distributed via Root update.)

  33. Erwin says:

    When will Microsoft themselves remove MD5 signatures from their E-Mail Encryption Certificates? These are even worse than SHA-1…

    And for SHA-1 signed roots, yes they will need to be re-signed with a SHA-2 hash, as it makes no sense to issue a SHA-2 signed certificate from a SHA-1 signed CA. It is about time that someone starts a deprecation program. Even this year new Root CAs have been signed with SHA-1, to prevent issues with old OS versions like Windows XP or Server 2003. It's financial benefits versus best security.

  34. Weitsong Lin says:

    Hi,

    I have some questions about SHA1 deprecation:

    1. What if users still use SHA1 EE certificates in applications that were developed using CAPI and CNG?

    2. After the policy takes effect, what will a SHA1 certificate look like in the Windows/IE certificate viewer?

    3. Does this policy also affect EE certificates which are not issued by a Root Program member CA?

    4. Does Windows Phone SSL also support SHA2?

    Many Thanks!

  35. Mihai says:

    In our organisation we have an internal PKI deployed using third-party CA management software. We are not involved in the Windows Root Certificate Program. All our certificates (Root, Intermediate, end-entity) currently use SHA-1.

    Are we going to be impacted by this?

    The certificates are being used in many different environments: Windows, z/OS, Unix. Will we still be able to use our certificates in a Windows environment after 1 January 2017? Thank you.

  36. Amerk [MSFT] says:

    Hi Weitsong,

    Answer to your first question: The SHA1 deprecation policy will apply to any application that calls the CertGetCertificateChain API to build and validate a certificate chain. The policy does not apply to using SHA1 from the low-level crypto primitive APIs, such as CryptHashData or BCryptHashData.

    Answer to your second question: SHA1 certificates will be treated as if the signature is invalid (e.g. CERT_TRUST_IS_NOT_SIGNATURE_VALID). Please see the Remarks section of the CertGetCertificateChain API documentation for details.

    Answer to your third question: No. This policy does not affect certificates that chain up to privately deployed root CAs. Administrators will have the option to enable the no-SHA1 policy from Group Policy.

    Answer to your fourth question: IE on Windows Phone 7 and higher supports SHA2.
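
A way to see what the CertGetCertificateChain verdict looks like from an application's side, as an added example that is not part of the original thread: on .NET Framework on Windows, X509Chain builds through that same API, and X509ChainStatusFlags.NotSignatureValid is the managed name of CERT_TRUST_IS_NOT_SIGNATURE_VALID. Assumptions not taken from the thread: the leaf is read from the LocalMachine\My store, revocation checking is switched off so the check runs offline, and the root-store lookup at the end is only a hint about whether the root arrived through the automatic root update (AuthRoot) or was imported by hand (Root).

```powershell
# Added example (not from the original post). Builds the chain for a certificate the
# way an application does (X509Chain -> CertGetCertificateChain on .NET Framework /
# Windows) and reports per-element status, so you can see which element a
# NotSignatureValid (CERT_TRUST_IS_NOT_SIGNATURE_VALID) verdict lands on.

function Get-ChainReport {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    # Skip CRL/OCSP so this runs offline; signature and algorithm status is the point here.
    $chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    $built = $chain.Build($Certificate)

    $elements = $chain.ChainElements
    $last = $elements.Count - 1
    $rows = for ($i = 0; $i -le $last; $i++) {
        $c = $elements[$i].Certificate
        $isRoot = ($i -eq $last) -and ($c.Subject -eq $c.Issuer)   # assumption: cheap root test
        if ($i -eq 0) {
            $role = 'end-entity'
        } elseif ($isRoot) {
            $role = 'root'
        } else {
            $role = 'intermediate'
        }

        # Collect the status flags CertGetCertificateChain attached to this element.
        $statusNames = New-Object 'System.Collections.Generic.List[string]'
        foreach ($s in $elements[$i].ChainElementStatus) { $statusNames.Add($s.Status.ToString()) }

        $sha1 = ($c.SignatureAlgorithm.FriendlyName -like 'sha1*')
        if ($isRoot) {
            $note = 'trust comes from the root store, not from this signature (thread: root hash excluded)'
        } elseif ($sha1) {
            $note = 'SHA1-signed non-root: thread says this becomes NotSignatureValid once the policy is enforced'
        } else {
            $note = ''
        }

        [pscustomobject]@{
            Position = $i
            Role     = $role
            Subject  = $c.Subject
            SigAlg   = $c.SignatureAlgorithm.FriendlyName
            Status   = ($statusNames -join ',')
            Note     = $note
        }
    }

    # Where is the root installed? AuthRoot is the "Third-Party Root Certification
    # Authorities" store fed by the automatic root update; Root also holds roots an
    # administrator imported by hand (the privately deployed case Amerk excludes).
    # This is a hint, not a definitive answer about the root's origin.
    $rootThumb = $elements[$last].Certificate.Thumbprint
    [pscustomobject]@{
        ChainBuilt     = $built
        OverallStatus  = (@($chain.ChainStatus | ForEach-Object { $_.Status.ToString() }) -join ',')
        RootInAuthRoot = (Test-Path -Path "Cert:\LocalMachine\AuthRoot\$rootThumb")
        RootInRoot     = (Test-Path -Path "Cert:\LocalMachine\Root\$rootThumb")
        Elements       = $rows
    }
}

# Usage (assumption: the first personal certificate is a leaf issued by some CA).
$leaf = Get-ChildItem -Path 'Cert:\LocalMachine\My' | Select-Object -First 1
$report = Get-ChainReport -Certificate $leaf
$report | Select-Object ChainBuilt, OverallStatus, RootInAuthRoot, RootInRoot | Format-List
$report.Elements | Format-Table -AutoSize
```

Before the policy is enforced, a SHA1-signed intermediate shows an empty Status and the Note column is the only warning; afterwards the same element is where NotSignatureValid should appear, which is the test Grant D asks for further down the thread.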

  37. Mat says:

    Will the revocation information for code signing certificates (CRL signature and the certificate signing the CRL, OCSP response signature and the certificate signing it) have to be in SHA-2 by 2016, too?

    You mentioned, that codesigning signatures done with a SHA-1 certificate are still OK by 2016, if they contain a Timestamp. Does this timestamp (and its signing certificate) have to be SHA-2?

  38. OlegAndr says:

    1. If root certificates are also to be updated, then that will create a huge issue for those who want to be installed on un-updated Windows machines that do not have these roots installed.

    2. I now have a support case opened with MS because I followed your advice on signing a driver with a SHA2 certificate and Windows refused to recognise it. Way to go.

  39. Amerk [MSFT] says:

    Hi Mat,

    Yes, revocation information will be affected.

    Timestamps can use SHA1 up to 1/1/2016. SHA1 timestamps that are generated before 1/1/2016 will be allowed by Windows after 1/1/2016.

  40. Amerk [MSFT] says:

    Hi OlegAndr,

    Root certificates do not have to be updated. To meet the policy, the root CA will have to switch to use SHA2 by 1/1/2016 when signing new certificates and CRLs. However, the hash algorithm used on the root certificate is excluded from this policy.

    Microsoft is working on an update that will enable SHA2 code signing on Windows Vista and higher. The release date has not been finalized, but we will post that information as soon as we can.

  41. Anonymous says:

    Pingback from SHA1 Deprecation Policy « Jorge's Quest For Knowledge!

  42. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates | IT Security News aggregated by IT Security expert Sorin Mustaca

  43. Anonymous says:

    So, we’ve been quiet for a few months, which is extraordinarily embarrassing after I basically

  44. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates | UC3

  45. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates : Erez Benari's Blog : The Official Microsoft IIS Site

  46. Anonymous says:

    If you haven't had a chance to see the movie Gravity , I highly recommend you take the time to check

  47. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates – Safranka Mátyás szakmai blogja – TechNetKlub

  48. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates – System Center Mindenkinek – TechNetKlub

  49. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates – Windows Virtualization Team Blog – TechNetKlub

  51. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates – Windows Server Division weblog – TechNetKlub

  52. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates – System Center Team Blog – TechNetKlub

  54. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates – Microsoft U.S. Partner Team – Partner Community – Microsoft Dynamics Community

  55. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates – Dynamics AX Sustained Engineering – Microsoft Dynamics AX – Microsoft Dynamics Community

  57. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates : Windows Server Customer Engineering (Customer Advisory Team) : The Official Microsoft IIS Site

  59. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates : PHP Blogs from Port25 : The Official Microsoft IIS Site

  62. Anonymous says:

    Pingback from Authenticity and the November 2013 Security Updates – Microsoft Lystavlen – Microsoft Dynamics CRM – Microsoft Dynamics Community

  64. Philippe Cornu says:

    Hi “anonymous”,
    CN = GTE CyberTrust Global Root OU = “GTE CyberTrust Solutions, Inc.” hash: 97:81:79:50:D8:1C:96:70:CC:34:D8:09:CF:79:44:31:36:7E:F4:74
    This SHA1 identifier comes from an MD5-hashed certificate.
    If you let me say that: don’t worry about MS’s position, Mozilla indicates that it *may* ban this certificate provided it follows strictly its policy as of 1/1/2014 (so it should be already done).
    Your main path is to have your certificates re-signed by another well-known and compliant CA (e.g. Cybertrust had its certificates cross-signed by the Baltimore Cybertrust root, and does not rely any longer only on the GTE Cybertrust root).
    Best regards,
    Ph.

  65. weitsong says:

    Hi Amerk, "Administrators will have the option to enable the no SHA1 policy from Group Policy." What if our customer wishes to use a SHA-1 end-entity certificate issued by a private Root CA which was imported into the Root Certificate store of Windows? Does that mean the application calling the CertGetCertificateChain API will get no error code returned?

  66. Dee says:

    Can you allow both … legacy continues to see and use SHA-1 … new systems look only to SHA-2?

  67. Blues says:

    A few things in here are unclear to me, could you please elaborate on them:

    1. Will the SHA1 certificates which are not issued by a Root Program member CA still be treated as valid after 2017/1/1? And will any application that calls the CertGetCertificateChain API to build and validate this kind of SHA1 certificate chain not get the CERT_TRUST_IS_NOT_SIGNATURE_VALID response?

    2. Will only the SHA1 certificates which are issued by a Root Program member CA be treated as if the signature is invalid (e.g. CERT_TRUST_IS_NOT_SIGNATURE_VALID) after 2017/1/1?

    3. Will the "strict SHA2 policy via group policy" of the Windows OS be enabled or disabled by default after 2017/1/1?

    regards

  68. Benjamín Rodríguez says:

    So… can I deploy SHA-2 in IIS 7 Machine Key hashing? I only see SHA-1, not SHA-2.

  69. toasti says:

    We are using Forefront TMG 2010 as a reverse proxy and I want to change the SSL certificate.
    Is TMG 2010 fully compatible with SHA-2?
    Thanks for your help!

  70. Anonymous says:

    In Entwickler Magazin 3.2014 the third (and last) article of a short series on the security of cryptographic methods in light of the NSA revelations has been published.

    The NSA has the development of various standards

  71. Anonymous says:

    At entwickler.press my e-book on encryption after the Snowden revelations about NSA espionage has been published: "Verschlüsselung im NSA-Zeitalter".

    Since the publication, by Edward Snowden, of the

  72. Christian Troester says:

    This question bothers me too.

  73. Nick Lowe says:

    Ah, the patch is already being put out via a superseded patch via Windows Update. My mistake!

  74. Aeldra says:

    Hi,
    I’m glad that my post has helped you.
    Please verify whether the public key of the signing private key is imported to the truststore of the server. The problem may be the public key is not trusted by the server.

    http://www.arx.com (digital signature software)

  75. Vishal Ahuja says:

    If SHA1 is really weak for web or app security, then why is http://blogs.technet.com taking a rest with “sha1WithRSAEncryption”?
    https://www.sha2sslchecker.com

  76. hhunter says:

    @Amerk – if the policy excludes the hash on root certs, why are some CAs now allowing you to choose a SHA2 root when renewing? There must be some risk in allowing roots to remain at SHA1.

  77. Anonymous says:

    The SHA-1 hashing algorithm for the Microsoft Root Certificate Program is being decommissioned

  78. Anonymous says:

    The overall security that PKI can provide to IT systems depends primarily

  79. Anonymous says:

    Last week I worked with a client that went live with their IFD implementation for CRM On-premise. The

  80. Clark Gable says:

    http://www.zeugnis-portal.de

    Nice post, thanks for the tips.

  81. hello,

    You said that "No. This policy do not affect certificates that chain up to privately deployed root CAs. Administrators will have the option to enable the no SHA1 policy from Group Policy."

    Would you please be able to explain how a root program CA certificate differs from other/privately deployed root CA certificates? How will the API differentiate among them? Does the third-party root certificate store (authroot) contain any flags that mark the auto-trusted certificates? Or is it just the certificate store itself which this deprecation policy will apply to?

    Thank you! Ondrej.

  82. TTop says:

    I have Windows XP. How do I get Service Pack 3?

  83. adumba says:

    My wife’s system is XP Home SP3, my system is XP Pro SP3. Are these systems adequate to handle the changes you’re making? If not, can they be fixed? Simply (answers in English, please)? Or will we be switching back to a brick and mortar bank (we do still have those in Oklahoma)?

  84. T Straub says:

    I’m using Win 7 Home Premium. Spare me the techno-jargon and just tell me am I affected by this change or not ?

  85. Marion says:

    Same as T Straub, Cut the crap. do I need to change or not and if yes, you should be footing the bill, not me.

  86. WD Motzny says:

    Is Windows XP SP3 able to work with SHA-2?
    I can’t follow the "computer speak" details, just tell me if I need to do anything to keep accessing USAA with Windows XP SP3. Thank you. veritasmax@earthlink.net

  87. Linda C. McCann says:

    I am not very computer literate technically. I have Windows xpress which Microsoft no longer supports, so how do I update to access you on the computer? I read your articles and still don’t know what to do.

  88. Mona says:

    I have windows XP. Am I required to do anything?

  89. homie says:

    What the heck does all this mean??

  90. Sharon says:

    I have windows XP….do I need to upgrade my operating system, and if so how do I do that?

  91. bboaz1944@gmail.com says:

    I have no clue what this is about , or what to do about it…

  92. Ian Shearer says:

    This is the most remarkable example of undecipherable gobbledegook I have ever seen. You have truly outdone yourselves.

  93. Virginia H says:

    I am in the dark as to what i can do. I AM USING MICROSOFT XP 6 I am a senior citizen, and all of this is GREEK to me.

  94. Louise W Bischoff says:

    either I missed it or not, where do you go to get this new " fix"

  95. Anonymous says:

    “My certificate provider recently switched to only providing SHA2/SHA256 certificates because

  96. Anonymous says:

    With the W2K8 generation of OSes, Microsoft products have consumed more and more certificates

  98. Greg T says:

    Will Microsoft’s SHA-1 deprecation policy apply only to the hash on the certificate itself, or does this also apply to the file digest of the driver or executable being signed?

    While the certificate hash may be SHA-256, the default hash used by signtool for the file digest is SHA1. While support has been added to Windows 7 to validate SHA-256 certificates used to sign kernel-mode drivers, customers are getting errors when trying to install an executable or driver that has a SHA-256 file digest on it.
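
To keep the file digest and the certificate hash from diverging silently, the PowerShell below wraps signtool.exe so that /fd and /td are always stated explicitly rather than left to the SHA1 default described above, and shows the dual-signature layout (SHA-1 primary signature, SHA-256 appended with /as) that comment 108 asks about for binaries that must still install on older systems. This is an added example, not from the original post or from Microsoft: it assumes signtool.exe is on PATH (Windows 8 SDK or later, which understands /as), that the two thumbprints select certificates in CurrentUser\My, and the timestamp URLs are placeholders to replace with your CA's services.

```powershell
# Added example (not from the original post). Signs a file twice: a SHA-1 primary
# signature for older verifiers, then a SHA-256 signature appended with /as.
# Assumptions: signtool.exe (Windows 8 SDK or later) is on PATH; the thumbprints
# identify certificates in CurrentUser\My; the TSA URLs are placeholders.

function Invoke-DualSign {
    param(
        [Parameter(Mandatory = $true)][string]$Path,
        [Parameter(Mandatory = $true)][string]$Sha1Thumbprint,     # cert for the legacy SHA-1 signature
        [Parameter(Mandatory = $true)][string]$Sha256Thumbprint,   # cert for the SHA-256 signature
        [string]$AuthenticodeTsa = 'http://TIMESTAMP-SERVER-PLACEHOLDER/authenticode',
        [string]$Rfc3161Tsa      = 'http://TIMESTAMP-SERVER-PLACEHOLDER/rfc3161'
    )
    if (-not (Test-Path -Path $Path)) { throw "file not found: $Path" }

    # 1) Primary signature. /fd is the FILE digest (the value comment 98 says defaults
    #    to SHA1); /sha1 selects the certificate by thumbprint and has nothing to do
    #    with the digest; /t requests a legacy Authenticode timestamp. Per the thread,
    #    a SHA-1 signature timestamped before the deadline stays valid afterwards.
    & signtool.exe sign /fd SHA1 /sha1 $Sha1Thumbprint /t $AuthenticodeTsa $Path
    if ($LASTEXITCODE -ne 0) { throw "SHA-1 signature failed for $Path (exit $LASTEXITCODE)" }

    # 2) Appended signature (/as keeps the first one): SHA-256 file digest and an
    #    RFC 3161 timestamp (/tr) whose own digest (/td) is also SHA-256.
    & signtool.exe sign /as /fd SHA256 /sha1 $Sha256Thumbprint /tr $Rfc3161Tsa /td SHA256 $Path
    if ($LASTEXITCODE -ne 0) { throw "SHA-256 signature failed for $Path (exit $LASTEXITCODE)" }

    # 3) Verify every signature in the file (/all) against the default Authenticode
    #    policy (/pa); /v prints the digest and certificate chain of each one.
    & signtool.exe verify /pa /all /v $Path
    if ($LASTEXITCODE -ne 0) { throw "verification failed for $Path (exit $LASTEXITCODE)" }

    # Quick status check of the primary signature from PowerShell's side.
    return Get-AuthenticodeSignature -FilePath $Path
}

# Usage (placeholders: substitute your own file and certificate thumbprints).
$sig = Invoke-DualSign -Path 'C:\build\setup.exe' `
                       -Sha1Thumbprint   'THUMBPRINT-OF-SHA1-CERT-PLACEHOLDER' `
                       -Sha256Thumbprint 'THUMBPRINT-OF-SHA256-CERT-PLACEHOLDER'
$sig | Select-Object Status, StatusMessage, @{ n = 'Signer'; e = { $_.SignerCertificate.Subject } }
```

Making /fd explicit is the habit that prevents the mismatch described above; the appended SHA-256 signature is what newer verifiers evaluate, while the SHA-1 primary signature remains for systems that cannot validate SHA-256 yet, and its timestamp is what keeps it acceptable once SHA-1 signing certificates are no longer issued.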

  99. Anonymous says:

    Hey all, Rob Greene here again. Well it’s been a very long while since I have written anything

  100. Ezra says:

    Please refer to this link:
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/495c1165-6ae9-4758-b75c-5db47e4bece4/does-nps-support-sha256-certificates?forum=winserverNAP

    IT admins on the ground are having trouble with RADIUS implementation via SHA-2. Reverting back to SHA-1 works. How do we overcome this? I am also using a RADIUS implementation on Server 2008 in several of my remote sites. I am skeptical of SHA-2 for my RADIUS implementation as we do not have a UAT or test environment. Once we implement SHA-2 and if it breaks, we have a sev1 production issue on our hands which I am not sure how to roll back.

    Can you kindly advise please?

  101. Sean N says:

    Can we have an answer to a simple question for Certificate Services used internally? We have an offline root CA with 2 issuing CAs that issue client certificates for port security and SSL web certificates. We only use these internally. We are using SHA1 now. What do we have to worry about with this deprecation policy? I can’t seem to find a great answer. Will IE stop connecting to our internal SSL sites that have SHA1 certs configured? Will computers stop auto-enrolling in SHA1 client certs after 1/1/16?

    I’m working on building a new SHA2 CA environment on Server 2012, but our certs are good for 2 years now, which means everything issued since 1/1/15 needs to have new certs from the new SHA2 CA by the end of 2016? Is this correct? I hope this makes sense.

    Thanks,

  102. Grant D says:

    As with Sean N, we also run our own PKI CA (not part of the Windows Root Certification Program). From reading, it sounds like we are not affected per se. However, the mechanism for blocking SHA-1 certs in Windows does not seem clear. As far as I can work out there is no clear distinction in the various Windows APIs for an application to tell if a root cert has been added by a user or is instead auto-installed because it is part of the Windows Root Certification Program (as shown in messages in FF forums: https://bugzilla.mozilla.org/show_bug.cgi?id=432802). Will there be any way for us to test what will happen, to ensure we are safe?

    An example of concern is obviously that our certs stop working on 1/1/2017, but also, if the mechanism of this block were to stop the SHA-1 cryptographic algorithm working, then elements of our apps that use SHA-1, say for hashing messages to ensure they have not been modified, would stop working (for example: if MS used this method to block: https://technet.microsoft.com/en-us/library/64580d5a-7b33-4151-8fa9-9efcff0240ad). Whilst I think this is an unlikely method I can’t say for sure, and hence this is a major risk for the enterprise that I work for.
    I realize that a decision point in July 2015 has still to be reached by MS to decide if this SHA-1 block can go ahead, but more transparency on the what and how (and even better, ways to test) would be really appreciated, as this could have a heavy impact on many enterprises.

  103. Tim M says:

    After this week's update I have had customers calling me complaining that they cannot connect to our mail servers. Does anyone know if Microsoft stopped accepting SHA1 SSL connections?

  104. Darwin Boyle says:

    The policy on SHA-1 code signing as stated is this: For code signing certificates, Windows 7 and later versions will stop accepting code signed with SHA-1 certificates without timestamps that were made prior to January 1, 2016.

    Does this mean that (my emphasis) SHA-1 programs built after Jan 1, 2016 will still continue to work? In other words, as long as I timestamp my builds, even after the date, they still continue to work?

  105. Darwin Boyle says:

    Sorry, line should read: Does this mean that any TIMESTAMPED programs built after Jan 1, 2016 will still continue to work?

  106. Andreas M says:

    This is a disaster! No certificate providers are willing to sell a SHA-1 code signing certificate valid longer than Jan 1, 2016. This means that Server 2008 installations cannot update a driver signed after that date because Server 2008 doesn’t support SHA-256 in the kernel.

    Server 2008 has extended support until 2020 which is supposed to include security fixes. Going four years with unpatched kernel drivers seems like a pretty big potential security issue to me. Much bigger than any theoretical preimage attack on SHA-1. The train to get certificate providers to continue issuing SHA-1 certs may have passed but it’s not too late to add SHA-256 support to Server 2008 kernel driver Authenticode!

    Microsoft, please reconsider!

  107. Treza says:

    Hello,

    Can you tell me whether ISA2006 would be compatible with a SHA2-type certificate?
    Of course the Windows 2003 machine has been patched with the appropriate hotfixes 968730 … 938397 etc.
    Thanks

  108. N A says:

    Can we have some clearer guidance (with a table perhaps?) on the various restrictions between kernel (boot critical and non-boot critical) and user mode code signing, plus the double signature (SHA-1 and SHA-2) methodology as applied to kernel and user mode? Along with the SHA-2 EV certificate restrictions and usage for kernel mode and user mode on Windows 10? The various deadlines mean there is a bad grey zone between the Windows 10 launch and the SHA-1 sunset for developers still supporting Vista/2008, as well as those unfortunate enough to still be supporting back to XP/2003 despite the platform support sunset.

  109. Sean says:

    Just one simple answer to one simple question. Does this policy affect non-public CAs, like internal Microsoft CAs that companies run for internal certificates? That is all I want to know.

  110. George says:

    There are several industries that make use of self-signed certificates for private webservers.

    One could successfully argue that self-signing is a much bigger security risk than whatever hash is being used.

    I’d like to understand the actual browser behaviour that IE users will see when encountering a self-signed SHA-1 hashed certificate come January 2017. Currently IE 11 will present a warning but allow users to opt to proceed to the site (indicating that it is not recommended). Is this the behaviour we should expect to continue come January 2017 with IE 11 when encountering a self-signed SHA-1 hashed certificate?

    This would be consistent with IE’s current behaviour with self-signed MD5 hashed certificates, MD5 being a considerably weaker hash than SHA-1.

  111. Deimon says:

    I have a question: my company has an internal PKI based on SHA-1, and all our Web Services use an SSL certificate that is consumed by other servers. My concern is that after January 1, 2017, systems that consume the web services will be affected by ceasing to support SHA-1 certificates. What do you think about this? Could there be problems in the Web services if we keep SHA-1?

  112. Lyle says:

    When will the mid-term evaluation of policy impact be complete/posted?

  113. So digital signatures made with a SHA1 certificate will not be accepted after 2020, that is pretty clear.

    But what about SHA1 time-stamps? Logic tells me that a timestamp will also not be accepted after January 2020 if it was made with SHA-1, so to make our software 2020-ready we need to use a SHA256 RFC 3161 timestamping service, but Symantec support is trying to convince me that this deprecation policy is not applied to timestamps.

    Currently only GlobalSign and StarField TSA services generate SHA256 timestamps.
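    The dual-signing methodology asked about in comment 108 and the SHA-256 RFC 3161 timestamp discussed just above fit together in one signtool invocation sequence. The following is an added example, not code from the original post, Microsoft or any of the CAs named in the thread; the file path, certificate thumbprints and timestamp-server URLs are placeholders to substitute with your own, and it assumes a signtool.exe from the Windows SDK on the path.

    ```powershell
    # Added example, not code from the original post, Microsoft or Symantec.
    # Dual-sign one binary: a SHA-1 primary signature for Vista/2008 and an
    # appended SHA-256 signature with an RFC 3161 SHA-256 timestamp for
    # Windows 7 and later. Thumbprints and TSA URLs are placeholders.
    $File            = '.\build\MyDriverInstaller.exe'
    $Sha1CertThumb   = 'SHA1-SIGNING-CERT-THUMBPRINT-PLACEHOLDER'
    $Sha2CertThumb   = 'SHA2-SIGNING-CERT-THUMBPRINT-PLACEHOLDER'
    $AuthenticodeTsa = 'http://AUTHENTICODE-TSA-PLACEHOLDER/'   # legacy /t endpoint
    $Rfc3161Tsa      = 'http://RFC3161-TSA-PLACEHOLDER/'        # /tr endpoint

    # 1) Primary signature: SHA-1 file digest (/fd) with a legacy Authenticode
    #    timestamp (/t). Systems that only understand SHA-1 verify this one.
    signtool sign /sha1 $Sha1CertThumb /fd sha1 /t $AuthenticodeTsa $File

    # 2) Appended signature (/as): SHA-256 file digest and an RFC 3161
    #    timestamp (/tr) whose own digest algorithm is SHA-256 (/td), so the
    #    timestamp does not reintroduce SHA-1 into the SHA-2 signature.
    signtool sign /sha1 $Sha2CertThumb /fd sha256 /tr $Rfc3161Tsa /td sha256 /as $File

    # 3) Verify every signature (/all) verbosely under the default
    #    Authenticode policy (/pa); each one lists its timestamp and digest.
    signtool verify /pa /all /v $File

    # Get-AuthenticodeSignature reports the primary signature, which here is
    # the SHA-1 leg; use the signtool output above for the appended SHA-256 leg.
    Get-AuthenticodeSignature $File |
        Select-Object Status,
                      @{ n = 'Signer';      e = { $_.SignerCertificate.Thumbprint } },
                      @{ n = 'TimeStamper'; e = { $_.TimeStamperCertificate.Subject } }
    ```

    The order matters: the SHA-1 signature must be the primary one because older verifiers only read the first signature, and the `/td sha256` on the second step is the part that answers the timestamp question, since without it the RFC 3161 response may be digested with SHA-1 even though the file digest is SHA-256.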

  114. N A says:

    Symantec is now claiming that you can use SHA-2 certs in SHA-1 signing mode for Vista/2008 (same as the first stage in a dual sign for Windows 7), but who knows how well that works outside of a 100% fully patched SP2 install with updated cert stores.

  115. Andreas M says:

    Yes, SHA-2 certs will work for Vista/2008 in *user* mode. I guess Microsoft never thought that kernel drivers may need an update or two during the four year time span between Jan 1 2016 and Jan 14 2020?

  116. Grant D says:

    "Microsoft will give new consideration to the SHA deprecation deadlines in July 2015" – August now. We really do need to see the outcome and (I think crucially) clear information on how this is going to be enforced by MS on clients and servers (Is it a patch, what will the patch actually do, etc.) if we are to minimise issues occurring when this comes into effect.

  117. Tom Zamer says:

    MSFT, can you please confirm that this is only applicable to Root CAs under the Trusted Root Certificate Program and that if a corporation is using a private self-signed Root CA there would be no disruption of service under this deprecation policy and dates?

    If there is posted guidance to this effect please provide the appropriate link.

  118. Anonymous says:

    (Added 2015.09.04)
    The content described in this article applies to the development tools among our products, such as Visual Studio and .NET Framework.
    Windows

  119. MAR says:

    How is there no update on this crucial topic... is it that difficult to have a proper blog with all that works and doesn’t work explained clearly?!?!

  120. Mary says:

    WHY DO MY SHA-1 certs say that they are fraudulent, self-signed

  121. Jody Cloutier - MSFT says:

    This page is out of date. Please see http://aka.ms/sha1 for the latest

  122. Victordada001 says:

    No, that is not out of date. That is the latest, bro. http://justnaukri.in/result

  123. Victor says:

    Please refer to this new page: http://aka.ms/sha1

  124. HGM says:

    Thanks for linking to the update. Please leave a copy of the original post though. It’s unhelpful to remove what you wrote from a published site.

  125. Mark Pilgrim says:

    As of October 2015, Google Chrome shows a red warning for
    https://sha1-2017.badssl.com (website using SHA1 beyond deadline) and neutral security for
    https://sha1-2016.badssl.com/

    Internet Explorer doesn’t show any warnings. What’s going on?
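    Browser warnings are only one client's policy; what the server actually sends can be checked directly. The following PowerShell function is an added example, not code from the original post or from any browser vendor: it opens a TLS connection, takes the server certificate, builds the chain on the local machine and reports the signature algorithm of every element, using the two badssl hosts named in the comment above as sample inputs. It deliberately accepts any certificate during the handshake because the purpose is inspection, not trust, so it must not be reused as a general HTTPS client.

    ```powershell
    # Added example, not code from the original post. Connect to a TLS server,
    # pull its certificate, build the chain locally and report each element's
    # signature algorithm, so a server's SHA-1 exposure can be checked directly
    # rather than inferred from browser warnings.
    function Get-TlsChainSigAlgReport {
        param(
            [Parameter(Mandatory)][string]$HostName,
            [int]$Port = 443
        )

        $client = New-Object System.Net.Sockets.TcpClient($HostName, $Port)
        try {
            # Accept whatever the server presents: the goal is to inspect the
            # certificate, not to trust it, so validation is bypassed for this
            # read-only connection and nothing is sent over it afterwards.
            $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
            $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAll)
            $ssl.AuthenticateAsClient($HostName)
            $leaf = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
            $ssl.Dispose()
        } finally {
            $client.Close()
        }

        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        $chain.ChainPolicy.RevocationMode = 'NoCheck'
        $null = $chain.Build($leaf)
        $elements = @($chain.ChainElements | Select-Object -ExpandProperty Certificate)

        for ($i = 0; $i -lt $elements.Count; $i++) {
            $c = $elements[$i]
            $isRoot = ($i -eq $elements.Count - 1) -and ($c.Subject -eq $c.Issuer)
            [pscustomobject]@{
                Host        = $HostName
                Depth       = $i
                Subject     = $c.Subject
                SigAlg      = $c.SignatureAlgorithm.FriendlyName
                NotAfter    = $c.NotAfter
                IsRoot      = $isRoot
                # Root self-signatures are not verified by clients; every other
                # SHA-1 signature in the chain is what the 2017 sunset affects.
                Sha1Concern = (-not $isRoot) -and ($c.SignatureAlgorithm.FriendlyName -match '^sha1')
            }
        }
    }

    'sha1-2016.badssl.com', 'sha1-2017.badssl.com' |
        ForEach-Object { Get-TlsChainSigAlgReport -HostName $_ } |
        Format-Table Host, Depth, SigAlg, NotAfter, IsRoot, Sha1Concern -AutoSize
    ```

    The `NotAfter` column next to `Sha1Concern` is the pair that decides the question the thread keeps asking: a SHA-1 leaf or intermediate that is still valid on 1 January 2017 is the case the policy covers, whatever any single browser shows today.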

  126. Anonymous says:

    212 Microsoft Team blogs searched, 69 blogs have new articles. 226 new articles found searching from

  127. Anonymous says:

    212 Microsoft Team blogs searched, 49 blogs have new articles. 117 new articles found searching from

  128. sqldba says:

    What does this mean with regards to SQL Servers that use SHA1 certificates for SSL encryption?

  129. dtencio says:

    A question: on January 1, 2017, if a Web Services site uses SHA-1, will the client be affected when consulting it?

  130. dtencio says:

    A question: on January 1, 2017, if a Web Services (WBS) site uses SHA-1, will the client be affected when consulting it?

  131. dtencio says:

    If you have Windows 2003 Web Services patched for SHA2, may Linux or Windows 2000 customers consume the service?

  132. mike says:

    I am unable to access the page. http://www.microsoftzzzz.com