So, we have a Windows Server 2003 Service Pack 2 (SP2) machine, and both hotfixes KB 938397 and KB 968730 are installed. When we try to use SHA2 certificates (SHA256), the following still happens:
• Such a certificate can be imported into the certificate store, but later it becomes apparent that the signature algorithm is not recognized and that the certificate is designated as damaged, with an invalid digital signature; the same certificate imported under Windows Server 2008 is displayed with "This certificate is in order."
• If someone accesses a web service that requires SSL with client authentication certificates (as installed in IIS), the web method call fails with the "403 Forbidden" error if this type of client authentication certificate is transmitted. If the sha1RSA certificate is transmitted during the call, the web service does return a significant result. The call is made from .NET code, Framework 1.1, running on the same server.
Does anyone have any experience? Microsoft support is slow and we need to do this in 2011-1-1.