locked
IE 9, Windows 7, Windows 8, SHA-2 encryption, certificate RRS feed

  • Question

  • Currently, I have I have an Exchange 2010 Service with 2 client access/ transport servers and 2 mailbox servers.  I use a barracuda load balance appliance to manage the CASarray.   Our SSL certificate for the service is currently SHA-1.  I would like to replace  the SSL certificate so that it using SHA-2 encyption keys.  What compatibility issues do I need to be concerned about?  Most of our users are running Windows 7 with Outlook 2010 and/or Outlook 2007 to the Exchange 2010 service.    We also have a few Apple users running OS X and Office 2011 for the MAC.   We have a lot of ipad ii and above and iphone 4 and above users  using ios to connect to the service as well.    People  use a variety of web browsers:  firefox, chrome, internet explorer, safarii.  Most of my users are still using IE 9.x due to better compatibility with some of our SAP software.

    Will my users have problems using a comodo sha-2 ssl certificate in my environment?  Specifically, will there be issues with IE9.x on Windows 7?  Any issues with Apple devices?

    Wednesday, June 4, 2014 6:27 PM

Answers

  • Hi,

    In order to both sign and validate SHA2 messages, Windows Vista or 7 with Outlook 2007 or 2010 is needed, so according to your description, it's fine to move to SHA-2 in your corporation.

    Please see detailed information about SHA-2 with Windows in the following blog, some recommendations for Outlook and Windows are included in this link

    http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx

    For mac users, it's better to contact the Apple support, for they're more familiar with their products like ipad, iphone and other Apple devices.


    Yolanda Zhu
    TechNet Community Support

    • Marked as answer by Roger Lu Friday, June 20, 2014 1:13 AM
    Thursday, June 5, 2014 7:21 AM