Post a reply to the thread: More on Code Sign - dual signing sha1 and sha256
Click here to log in
What's the name of our main installation product (in uppercase letters), directly followed by the current year?
You may choose an icon for your message from this list
Will turn www.example.com into [URL]http://www.example.com[/URL].
Re: More on Code Sign - dual signing sha1 and sha256 You are very welcome, Rick !! Friedrich
Re: More on Code Sign - dual signing sha1 and sha256
Re: More on Code Sign - dual signing sha1 and sha256 Hi Friedrich, Nice chart. Thanks for the clarification. Rick
Re: More on Code Sign - dual signing sha1 and sha256 Hi Rick, It depends on the Windows 7 patch level. To support older Windows operating systems (e.g. Windows XP, Vista, early Windows 7 versions) and modern Windows systems (Windows 8.x and later) after 1 January 2016, you have to dual SHA-1/SHA-2 code-sign your files using Microsoft Authenticode compatible time stamp and RFC 3161 compliant trusted time stamp servers (SHA-2 compatible code-signing certificate is required). See the attached screenshot. On some older Windows 7 machines, SHA-2 does not work as expected. If you only support Windows 7 SP1 and later, then SHA-2 is no problem. Friedrich
More on Code Sign - dual signing sha1 and sha256 From reading on Microsoft's site it sounds like it is necessary to dual sign your application to include both sha1 and sha256 if you want your program to run on Windows 7 and Windows 8/10. https://msdn.microsoft.com/en-us/lib...=vs.85%29.aspx https://knowledge.symantec.com/suppo...int&actp=PRINT As an experiment, I code signed a utility with only sha256. It ran fine on a Windows 7 machine. What are the downsides to only code-signing with sha256? Is it really necessary to also include sha1 if your program is running on Win 7? TIA, Rick
More on Code Sign - dual signing sha1 and sha256
Forum Rules