In 2012, the U.S. National Institute of Standards and Technology (NIST) indicated that the SHA-1 hashing algorithm should no longer be used by federal agencies
. Our products use self-signed SSL certificates by default (you can replace that with your own certificate), and SHA-1 is used as the signature algorithm.
We started researching moving to SHA-2 (SHA-256, SHA-512, etc). In our research we discovered that Windows Server 2003 doesn’t recognize SHA-2 algorithms without a special update, which unfortunately is not pushed out through Windows Update. This is very unfortunate as Windows Server 2003 is a stable operating system and still in heavy use.
You can read more about it in a Microsoft blog post, including information on getting the update which will enable SHA-2 support.
If you’d like to use SHA-2 in your self-signed certificates that are created by our products, contact us and we can show you how to do it (pretty easy to do — you just have to be sure no Windows Server 2003 or Windows XP machines will need to connect).
