Hi all,
I'd like to renew the self-signed certificates using SHA256 within Exchange 2013 (EAC / Servers / Certificates / named: Microsoft Exchange, Microsoft Exchange Server Auth Certificate and WMSVC). We have an internal vulnerability scanner complaining about the use of SHA-1 due to the recent finding. The externally facing SSL is using SHA256 but this was generated and signed outside of Exchange 2013, and simply imported.
I've tried this command but as this server doesn't have the CA role install it's not working:
certutil -setreg ca\csp\CNGHashAlgorithm SHA256
Error is: certutil -setreg command FAILED: 0x80070002 (win32: 2 error_file_not_found)
How can these self-signed certificates be renewed using SHA256?
Thanks
Chris