The following two resources should help: - http://social.technet.microsoft.com/wiki/contents/articles/31296.implementing-sha-2-in-active-directory-certificate-services.aspx
- http://blogs.technet.com/b/askds/archive/2015/04/01/migrating-your-certification-authority-hashing-algorithm-from-sha1-to-sha2.aspx J From: Jason Sandys Sent: Monday, August 31, 2015 3:20 PM To: [email protected] Subject: RE: SCCM 2012 PKI Certificate with SHA2 certificate V2 Cert templates support SHA2 no problem. Are you sure your CA is configured to issue SHA2 certs? J From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Sylvain Hamel Sent: Monday, August 31, 2015 3:12 PM To: [email protected]<mailto:[email protected]> Subject: [mssms] SCCM 2012 PKI Certificate with SHA2 certificate Hi, Does anyone know how to make SHA-2 certificate to work with SCCM 2012 R2 ? In the following documentation<https://technet.microsoft.com/en-us/library/gg699362.aspx>, they say "SHA-1 and SHA-2 hash algorithms are supported". However, they also say that v3 certificate template are not supported. "When you use an enterprise certification authority and certificate templates, do not use the version 3 templates. These certificate templates create certificates that are incompatible with Configuration Manager. Instead, use version 2 templates by using the following instructions:" The problem is that we don't seem to be able to select SHA-2 in a certificate template v2. Or I missed something ? Sylvain Hamel IT Technical Leader, Core Infrastructure Applications McGill University - Network and Communication Services *: 514-398-5024<tel:514-398-5024> *: [email protected]<mailto:[email protected]>
