I am setting up an issuing CA. I have installed a certificate that uses sha256 Signature Hash Algorithm. But when I scroll down to the bottom of this certificates details panel, the "Thumbprint Algorithm" field still shows SHA1. Please advise if this is an expected behavior or I am doing something wrong here ? Regards..

this is expected behavior. Thumbprint is just a property and is just attached to the certificate object by CryptoAPI subsystem and this value is always SHA1. Thumbprint is used only to locate required certificate in the store. Signature is a part of the digital certificate and is used to verify certificate signature. My weblog: http://en-us.sysadmins.lv PowerShell PKI Module: http://pspki.codeplex.com Windows PKI reference: on TechNet wiki

Thanks a lot for the clarification!