locked
Where has KB968730 gone!? RRS feed

  • Question

  • Hi,

    Hopefully an easy one for the experts on here.

    I've been given the glorious task of trying to get SHA256 certificates working on a system that's predominantly Server 2003 and XP based.

    I believe I need KB938397 to allow 2K3 to understand the SHA256 signature on certificates and KB968730 to allow a XP/2K3 device to request certificates from Server 2008 or later CAs.

    I can download KB938397, but KB968730 always results in a 404 Not Found message.

    Does anyone know where it's gone?  Or, has it been superseded?  (No comments about it being superseded by 2K8, 2K12, 2K16 please - that decision is out of my hands)

    Thanks in advance.


    Gareth Williams


    Thursday, October 25, 2018 1:16 PM

Answers

  • Hi,

    Thanks for posting in our forum.

    MS does not support this update any more.

    For this situation, we suggest you to upgrade your windows 2003 and XP.

    Hope above information could help.

    Best Regards,

    Kallen


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by gareththered Monday, October 29, 2018 1:16 PM
    Friday, October 26, 2018 7:21 AM

All replies

  • Hi,

    Thanks for posting in our forum.

    MS does not support this update any more.

    For this situation, we suggest you to upgrade your windows 2003 and XP.

    Hope above information could help.

    Best Regards,

    Kallen


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by gareththered Monday, October 29, 2018 1:16 PM
    Friday, October 26, 2018 7:21 AM
  • Hi,

    I understood that 2003 is unsupported.  I was confused by the fact that some downloads are available (KB938397) while others aren't (KB968730).

    Anyway, I've passed it up the food-chain and they're content that it now can't be done.

    Thanks,

    Gareth


    Gareth Williams

    Monday, October 29, 2018 1:16 PM
  • Hi,

    Thanks for your support and patience.

    If there is anything else we can do for you, please feel free to post in the forum.

    Best Regards,

    Kallen


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, October 30, 2018 2:14 AM
  • I've recently come across this issue and also unable to locate the above KB's.  These KB's were not however on any of the other S2k3 Terminal Servers we had in production, so kept looking elsewhere.  I found one article referencing a KB2868626 that was specified as to allow generating SHA256 certificates on s2k3.

    https://serverfault.com/questions/670600/windows-server-2003-r2-iis6-sha-256-ssl-certificates

    I have installed this, and found this has allowed me now to access sites with SHA256 certificates.

    https://support.microsoft.com/en-us/help/2868626/ms13-095-vulnerability-in-xml-digital-signatures-could-allow-denial-of

    https://www.microsoft.com/en-gb/download/confirmation.aspx?id=40973

    Hopefully a temp solution to moving to a newer platform, but may help anyone in the same situation.

    Kenny

    Tuesday, February 5, 2019 10:33 AM