Microsoft has just announced that it will most likely stop supporting SHA-1 earlier than initially planned: the target date is now June 2016 (it was originally January 2017).
On November 11, 2013 Microsoft issued the Windows Root Certificate Program – Technical Requirements version 2.0, which contains the SHA1 Deprecation Policy (http://blogs.technet.com/b/pki/archive/2013/11/12/sha1-deprecation-policy.aspx). It says that:
- CAs must stop issuing new SHA1 SSL and Code Signing certificates by 1 January 2016.
- For SSL certificates, Windows will stop accepting SHA1 certificates by 1 January 2017. This means any SHA1 SSL certificates issued before or after this announcement must be replaced with a SHA2 equivalent by 1 January 2017.
- For code signing certificates, Windows will stop accepting SHA1 signed code and SHA1 certificates that are time stamped after 1 January 2016. SHA1 signed code time stamped by an RFC 3161 Time Stamp Authority before 1 January 2016 will be accepted until such time when Microsoft decides SHA1 is vulnerable to pre-image attack.
- The Program will no longer accept for distribution new root certificates with code signing use supporting SHA1 or RSA 2048. New code signing root certificates must support SHA2 and RSA 4096.
Recommendations and steps to upgrade an AD CS CA so that it signs with SHA2:
First, check the hash algorithm the CA currently signs with:
C:\Windows\system32>certutil -getreg ca\csp\CNGHashAlgorithm
If the value is SHA1, switch it to SHA256. certutil prints the old and the new value:
C:\Windows\system32>certutil -setreg ca\csp\CNGHashAlgorithm SHA256
Old Value:
  CNGHashAlgorithm REG_SZ = SHA1
New Value:
  CNGHashAlgorithm REG_SZ = SHA256
CertUtil: -setreg command completed successfully.
The CertSvc service may need to be restarted for changes to take effect.
Caveat: CNGHashAlgorithm only exists, and only takes effect, when the CA key is held by a CNG key storage provider (KSP). Check the provider with certutil -getreg ca\csp\Provider. A CA whose key is still in a legacy CSP uses the HashAlgorithm value instead, and the key should first be migrated from the CSP to a KSP (Microsoft documents this procedure) before the CA can be switched to SHA2 this way.
Then restart the service so the change takes effect:
C:\Windows\system32>net stop certsvc
The Active Directory Certificate Services service is stopping.
The Active Directory Certificate Services service was stopped successfully.
C:\Windows\system32>net start certsvc
The Active Directory Certificate Services service is starting.
The Active Directory Certificate Services service was started successfully.
Note: from now on the CA signs newly issued certificates (and its CRLs) with SHA256, even though the CA's own certificate and the rest of the chain above it are still signed with SHA1. Certificates issued before the change are not re-signed; they keep their SHA1 signature until they are renewed or reissued, and the CA certificate itself stays SHA1-signed until the CA certificate is renewed. Applications consuming the SHA256 certificates must support SHA256 signatures on every certificate in the chain they validate (the root's self-signature is a trust anchor and is not evaluated, which is why the policy excludes roots).
Optionally, create a new template by duplicating a default one such as "Web Server", choosing "Windows Server 2008 Enterprise" as the minimum CA (a version 3 template, which enables CNG support), and on the CRYPTOGRAPHY tab of the new template select the Key Storage Provider category and a request hash of SHA256, SHA384 or SHA512. Be aware that the template's request hash governs the hash used to sign the enrollment request, not the signature the CA puts on the issued certificate; that is determined by the CA's CNGHashAlgorithm setting above. Version 3 (CNG) templates also cannot be enrolled by Windows XP or Windows Server 2003 clients, so keep the version 2 template for those.
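The whole procedure above, scripted as an added example (this is not code from the original post or from Microsoft): it reads the CA's provider and current hash from the CertSvc registry configuration, refuses to proceed if the key is in a legacy CSP, switches a KSP-backed CA to SHA256 with the same certutil -setreg call used above, restarts the service, verifies the effect by publishing a CRL and dumping its signature algorithm, and finally walks the CA certificate's chain to show which elements are still SHA1-signed. The registry paths are the standard CertSvc configuration keys; the Get-ChainHashReport function name is my own choice. Run it elevated on the CA itself.

```powershell
# Added example, not part of the original post. Run as a CA administrator on the CA.
# Assumes the CA key is held by a CNG Key Storage Provider (KSP); a legacy CSP is detected and rejected.
$ErrorActionPreference = 'Stop'

# The name of the active CA instance is stored under the CertSvc Configuration key.
$cfg    = 'HKLM:\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration'
$caName = (Get-ItemProperty -Path $cfg -Name Active).Active
$cspKey = Join-Path $cfg "$caName\CSP"
$csp    = Get-ItemProperty -Path $cspKey

Write-Host "CA:       $caName"
Write-Host "Provider: $($csp.Provider)"

# CNGHashAlgorithm exists only for a KSP-backed CA. A legacy-CSP CA exposes HashAlgorithm
# (an ALG_ID DWORD, 0x8004 = CALG_SHA1) instead and must have its key migrated to a KSP first.
if ($csp.PSObject.Properties.Name -notcontains 'CNGHashAlgorithm') {
    $alg = '0x{0:X}' -f $csp.HashAlgorithm
    throw "CA key is in legacy CSP '$($csp.Provider)' (HashAlgorithm=$alg); migrate the key to a KSP before setting CNGHashAlgorithm."
}
Write-Host "Current signing hash: $($csp.CNGHashAlgorithm)"

if ($csp.CNGHashAlgorithm -ne 'SHA256') {
    # Same change the post makes by hand; certutil -setreg is the supported way to edit CA config.
    & certutil.exe -setreg 'ca\csp\CNGHashAlgorithm' SHA256 | Out-Null
    Restart-Service -Name CertSvc
    $new = (Get-ItemProperty -Path $cspKey).CNGHashAlgorithm
    if ($new -ne 'SHA256') { throw "CNGHashAlgorithm is still $new after the change" }
    Write-Host "Signing hash now: $new"
}

# Verification without waiting for a client to enroll: the CA signs CRLs with the same
# algorithm as certificates, so publish a fresh base CRL and dump its signature algorithm.
& certutil.exe -CRL | Out-Null
$crlDir = Join-Path $env:SystemRoot 'System32\CertSrv\CertEnroll'
$crl    = Get-ChildItem -Path $crlDir -Filter '*.crl' |
          Sort-Object LastWriteTime -Descending | Select-Object -First 1
Write-Host "Newest CRL: $($crl.Name)"
(& certutil.exe -dump $crl.FullName) | Select-String -Pattern 'Signature Algorithm' -Context 0,1

# Chain audit: lists the signature hash of every element in a certificate's chain, flagging
# SHA1 on the leaf and intermediates. The root's self-signature is a trust anchor and is
# not evaluated by relying parties, so it is never flagged.
function Get-ChainHashReport {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = 'NoCheck'
    # Build() returns $false on policy errors but still populates ChainElements.
    [void]$chain.Build($Certificate)
    $count = $chain.ChainElements.Count
    for ($i = 0; $i -lt $count; $i++) {
        $c    = $chain.ChainElements[$i].Certificate
        $role = if ($i -eq 0) { 'leaf' } elseif ($i -eq $count - 1) { 'root' } else { 'intermediate' }
        $sig  = $c.SignatureAlgorithm.FriendlyName
        [pscustomobject]@{
            Role      = $role
            Subject   = $c.Subject
            Signature = $sig
            StillSha1 = ($role -ne 'root') -and ($sig -match 'sha1')
        }
    }
}

# On the CA server its own certificate lives in the machine's personal store; audit its chain.
# After this script the CA cert itself still shows SHA1 until the CA certificate is renewed.
Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object { $_.Subject -like "*CN=$caName*" } |
    ForEach-Object { Get-ChainHashReport -Certificate $_ } | Format-Table -AutoSize
```

Get-ChainHashReport can be pointed at any certificate, for example one just enrolled from the new template (Get-ChildItem Cert:\LocalMachine\My on a client), to confirm that the leaf now reports sha256RSA while the CA and root elements above it still report sha1RSA, which is exactly the mixed chain described in the note above.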