Microsoft Exchange and Active Directory Blog
By default, Windows servers use self-signed certificates for the RDP connection. The self-signed certificates then cause a certificate warning when the RDP connection to a Windows server is established: This warning can be avoided by automatically rolling out certificates from a Windows certification authority on the servers and renewing them if necessary. The installation ... Read more
Anyone who has not yet thought about replacing their SHA1 certificates with SHA256 (also known as SHA2) should not wait too much longer. Microsoft has announced that it will no longer support SHA1 certificates from June 2016 and will therefore block them. A corresponding entry can be found here: http://blogs.windows.com/msedgedev/2015/11/04/sha-1-deprecation-update/ Mozilla has also ... Read more
All certificates have an expiration date, which is usually a long time in the future. Who remembers a certificate that was purchased 2 years ago or even longer? Some CAs send reminder e-mails, but not all. For internal CAs, the CA reporter may be able to help. If you only have a few purchased certificates, you can use Excel ... Read more
From 01.01.2016, Microsoft will declare SSL certificates with SHA1 as the hash algorithm invalid. Web servers or services that use certificates with SHA1 will therefore trigger certificate warnings in the user's browser. Therefore, SHA1 certificates should be replaced slowly but surely. In order for an internal CA to issue certificates with SHA256 (SHA2), the CA must ... Read more
