Changing Microsoft ADCS from sha1 to sha256

This entry was posted in Active Directory ADCS Microsoft Uncategorized Windows on by

When ADCS uses sha1 for their certificates, you might want to change it to sha254.

NOTE: Make sure all your devices support sha256

sha1

2014-11-05 13_59_49-sha1

sha256

2014-11-05 13_59_12-sha256

To achieve this enter the following commands in an elivated DOS-box:

certutil -setreg cacspCNGHashAlgorithm SHA256
net stop certsvc
net start certsvc

2014-11-05 13_58_38-DOS_BOX

Leave a comment

Your email address will not be published. Required fields are marked *