All,
As you probably know, Microsoft published a security advisory on
"Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate
Program". The policy takes effect after January 1, 2016 and requires CAs to
migrate to the stronger SHA-2 hashing algorithm.
Organizations need to develop a migration plan for SHA-1 code signing
certificates that expire after January 1, 2016. To support
older Windows operating systems (e.g. Windows XP, Vista, early Windows 7
versions) and modern Windows systems (Windows 8.x and later) after 1 January
2016, you have to dual SHA-1/SHA-2 code-sign your files using Microsoft
Authenticode compatible time stamp and RFC 3161 compliant trusted time stamp
servers (SHA-2 compatible code-signing certificate is required).
Only 127 days left... !!!
But don't panic. The upcoming SetupBuilder 10 Developer Edition can dual
SHA-1/SHA-2 code-sign your application files and the setup.exe for you :-)
More info to come soon.
Friedrich
--
Friedrich Linder
Lindersoft | SetupBuilder | www.lindersoft.com
954.252.3910 (within US) | +1.954.252.3910 (outside US)
--SetupBuilder "point. click. ship"
--Helping You Build Better Installations
--Create Windows 10 ready installations in minutes
--Official COMODO Code Signing and SSL Certificate Partner