SHA-2 - Server 2003 Support/Compatibility

May 25, 2018 in Windows and Certificate FAQ

Issue: When installing a certificate issued with a SHA-2 signature algorithms (which includes SHA-256, SHA-384, and SHA-512) on Windows Server 2003, the following error is displayed - ' The integrity of this certificate cannot be guaranteed. This certificate may be corrupted or may have been altered. '

Solution: In order to resolve this error, Microsoft has released a hotfix in order to provide limited compatibility for certificates issued with SHA-2 signature algorithm, this can be downloaded from Microsoft's support website.

For more information regarding SHA-2 compatibility for Server 2003 please reference the following Microsoft article below:

http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx