Windows XP and SHA 256

sha256A little while back I ran into an issue where I was trying to get a new certificate to work on a Windows XP (full patched) box, but for the life of me it just would not work. I spent a lot of time going through and checking the usual suspects (typo with the name, valid dates, certificate chain, etc.) and I finally came across these two interesting links regarding Windows XP and SHA2:

http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx http://support.microsoft.com/en-us/kb/938397

It would seem that you can get it to work in most cases, however some things just aren’t going to be supported. The first link actually has a real nice table detailing what will and will not work.

Long story short, XP is dead and it will only get worse as time goes on.

Leave a Reply

%d bloggers like this: