Self-signed certificate generator (PowerShell) SHA-2? RRS feed

  • Question

  • Hi,

    The Doc for this script lists only the following Signature Algorithms:

    Currently signature algorithms are limited to: 

    But I found on another forum that

    Trying to access a secure website that only uses SHA-1 encryption.  SHA-1 encrypted websites with certificates valid beyond Jan. 1, 2017 are marked as definitely insecure with Red HTTPS slash.  Such websites need to update their security certs to SHA-2.

    I notice that the script was last updated 9/11/16, which would predate this 1/1/17 change to the SHA-2 requirement.

    Apparently I need to generate a new certificate, but it seems this script will not generate one with the currently-required encryption level. Is there a way to do this? Can I use one of the other supported signature algorithms? Suggestions?

    Thank you very much,

    David Baldwin

    • Moved by Bill_Stewart Wednesday, December 12, 2018 8:19 PM Unanswerable drive-by question
    Tuesday, August 28, 2018 5:58 PM

All replies

  • Post issues with setting up web sites and SSL certs in the IIS forum.

    If you are talking about accessing public web sites then there is no way to change the client to make the site use a valid SSL cert.


    Tuesday, August 28, 2018 6:09 PM