Signature Algorithm shows "sha256" but thumbprint algorithm still says "sha1"
I am setting up an issuing CA. I have installed a certificate that uses sha256 Signature Hash Algorithm. But when I scroll down to the bottom of this certificates details panel, the "Thumbprint Algorithm" field still shows SHA1.
Please advise if this is an expected behavior or I am doing something wrong here ?
Regards..
September 15th, 2011 2:17pm
this is expected behavior. Thumbprint is just a property and is just attached to the certificate object by CryptoAPI subsystem and this value is always SHA1. Thumbprint is used only to locate required certificate in the store. Signature is a part
of the digital certificate and is used to verify certificate signature.
My weblog: http://en-us.sysadmins.lv
PowerShell PKI Module: http://pspki.codeplex.com
Windows PKI reference:
on TechNet wiki
Free Windows Admin Tool Kit Click here and download it now
September 16th, 2011 11:26am
Thanks a lot for the clarification!
September 21st, 2011 7:38am