locked
Outlook S/MIME with SHA-2 algorithms RRS feed

  • Question

  • Hello to all,

    I'm trying to figure out why Outlook (2013) allow to select hashing algorithm SHA1, SHA256, SHA384, SHA512 for some certificates and only SHA1 for some others. I've noticed that all depends from which CSP holds the certificate: for example all certificates on smart cards that comes with my classic CSP allow me to choose SHA1 only. At the moment I don't have a clear idea if implementing a minidriver would resolve the problem. Does anyone knows this for sure before I go down this road ?

    Thanks


    DieguZ

    Sunday, May 10, 2015 3:33 PM

All replies

  • Most likely it is because the certificate does not support anything more then sha1, the classic csp does not support sha1 anyway.

    Mitch Roberson MCM Exchange 2010|MCITP:Enterprise Server Admin, Messaging 2007, 2010 |MCTS:OCS with Voice Achievement |MCT |MCSE 2000\2003 |MCSE Messaging 2000\2003

    Wednesday, December 2, 2015 8:20 PM
  • Most likely it is because the certificate does not support anything more then sha1, the classic csp does not support sha1 anyway.

    Mitch Roberson MCM Exchange 2010|MCITP:Enterprise Server Admin, Messaging 2007, 2010 |MCTS:OCS with Voice Achievement |MCT |MCSE 2000\2003 |MCSE Messaging 2000\2003


    Hello Mitch, thanks for the reply. But I'm pretty sure that the certificate is able to do SHA-256 because, since I developed our custom classic CSP for the same smart card holding the certificate, I'm able to sign with SHA-256 through other applications. So this is very strange.

    DieguZ

    Thursday, December 3, 2015 9:03 PM