Changing Microsoft ADCS from sha1 to sha256

November 5, 2014·1 min

Active Directory ADCS Microsoft Uncategorized Windows

Author

John Billekens

Technical Consultant | End User Computing

When ADCS uses sha1 for their certificates, you might want to change it to sha254. NOTE: Make sure all your devices support sha256 sha1 sha256 To achieve this enter the following commands in an elivated DOS-box:

certutil -setreg cacspCNGHashAlgorithm SHA256
net stop certsvc
net start certsvc

↑