Search the Community
Showing results for tags 'sha-2'.
My company is going through an exercise to retire all of the SHA-1 certificates in the environment due to its upcoming EOL date by MSFT. One of the larger pools of devices using a SHA-1 cert are the end user devices, which use a self-signed SHA-1 certificate when using RDP. Most of the info i've found online so far only discuss how to force this cert to use SHA-1 with registry edits, but nothing about SHA-2. Has anyone gone through this exercise yet? If not you may need to soon. Looking for some technical pointers on how to accomplish this. Also, we currently use the self-signed cert that each device generates when connecting. If i force a new certificate from a domain CA, wouldn't I lose the ability to RDP from non-domain computers?