SHA-256 Compatibility

Introduction

SHA-2 is a family of cryptographic hash functions that includes SHA-224, SHA-256, and SHA-512. The 256 in SHA-256 is the bit length of the hash output, or digest, that the function produces. Not all software supports every digest size within the SHA-2 family. This article focuses specifically on SHA-256 and its compatibility with various software platforms and operating systems. As a general rule, SHA-256 is supported on OS X 10.5+ and Windows XP SP3+.



Read our Hash Functions article for a better understanding of how they work and how they are used to validate certificates and documents.



For GlobalSign’s policy on SHA-256 issuance as well as important dates set by Microsoft, Google, and Mozilla, please read the SHA-256 Rollout article.



To purchase a trusted SHA-256 certificate, contact a GlobalSign representative.




OS, Browser, and Server Support

Platform | Minimum OS Version (SSL Certificates) | Minimum OS Version (Client Certificates)
Apple OS X | 10.5+ | 10.5+
Apple iOS [30] | 3.0+ (Required in iOS 9+) | 3.0+ (Required in iOS 9+)
Android* | 1.0+ (1.6 / 2.2) | 1.0+
Blackberry | 5.0+ | 5.0+
ChromeOS | All Versions | All Versions
Windows [1] [2] | XP SP3+ | XP SP3+
Windows Phone | 7+ | 7+
Windows Server | 2003 SP2 + MS13-095 | 2003 SP2 + MS13-095

Browser | Minimum Browser Version
Chrome** [7] | 1.0+ (38+)
Firefox [7] | 1.0+
Internet Explorer [7] | 6+ (On a SHA-2 Compatible OS)
Konqueror | 3.5.6+
Mozilla [7] | 1.4+
Netscape [7] | 7.1+
Opera [7] | 6.0+
Safari | 3+ (Ships with OS X 10.5)

Server | Minimum Server Version
Active Directory Federation Server (AD FS) [28] | 2.0+ (Must use non-CNG CSP)
Apache HTTP Server*** | Dependent on OpenSSL or GnuTLS version
Apache Tomcat | Dependent on Java version
IBM Domino Server [9] | 9.x with Fix Pack
IBM HTTP Server [10] | Any version with GSKit 7.0.4.14
IBM WebSphere Server [26] | 7.0.0.25 / 8.0.04 with PM62842
Microsoft Exchange Server | Dependent on Windows Server version
NGINX | Dependent on OpenSSL version
Oracle Wallet Manager | 11.2.0.1+
Oracle Weblogic**** [27] | 10.3.3+



* Android has been technically capable of handling SHA-256 certificates since version 1.0. In practice, some users may encounter issues validating certificates that rely on cross certificates (these chain certificates to alternate roots). Android 1.6 improved this for some users, and the issue was resolved as of version 2.2.



** Chrome is capable of supporting SHA-2 certificates as of version 1.0; through version 37, however, it depends on the operating system. For instance, on Windows Server 2003 without MS13-095, or on Windows XP SP2, Chrome will not connect to pages using SHA-2 certs. Applying MS13-095 to Server 2003, or SP3 to Windows XP, allows Chrome to support SHA-2 on these legacy systems.



Chrome 38+ can validate SHA-2 certificates independently, even on systems like Server 2003 without MS13-095 applied.



*** Apache 2.0 is bundled with mod_ssl by default. Versions prior to 2.0 require manual installation of mod_ssl for any SSL support at all. mod_gnutls is an alternative to mod_ssl that uses the GnuTLS libraries instead of OpenSSL.



**** Oracle Weblogic Server 10.3.3 and above have JSSE available to support SSL/TLS certificates and connections. Older versions rely on Certicom extensions, which are now considered deprecated.



10.3.3 is the first version to officially support JSSE. It can be enabled by logging in to the admin console and clicking Environment > Servers > ManagedServerName > Configuration > SSL > Advanced > Use JSSE SSL. Click Save, then restart your server. Versions prior to 10.3.3 can enable JSSE manually, but this is not officially supported by Oracle.



Firewall Support

Firewall | Minimum Version
Cisco ASA 5500 [29] | 8.2 (3.9)





Toolkits, Libraries, Frameworks, etc.

Toolkit / Library | Minimum Version
Java [19] | Java 1.4.2+
Mozilla NSS [18] | 3.8+
OpenSSL* [3] | 0.9.8 / 0.9.8o+
GnuTLS [12] | 1.7.4+
.NET FX [13] | 3.5 SP1+





* Support for SHA-2 was introduced in OpenSSL 0.9.8, but it is not enabled by default by SSL_library_init(). In 0.9.8, the SHA-2 hash functions must be added explicitly, or by calling OpenSSL_add_all_algorithms(), which registers every algorithm and may not be desirable. OpenSSL 0.9.8o enables the SHA-2 hash algorithms in the default configuration.



Database Support

Database | Minimum Version
MySQL [23] | 5.5.5+
PostgreSQL [24] [25] | 8.1 / 8.2*





* The pgcrypto module for PostgreSQL introduced support for the SHA-2 family of hash algorithms in the 8.1 release, but only within the standalone module. 8.2 incorporated the SHA-2 functions of the pgcrypto module into PostgreSQL core, making these hashes available to PostgreSQL even if the installed version of OpenSSL does not support them.



Detailed Operating System Support

Operating System | SSL Certificates (Client Side) | SSL Certificates (Server Side) | S/MIME | Code Signing
Windows XP (SP1, SP2) | ✗ | N/A | ✗ | ✗
Windows XP SP3 | ✓ | N/A | Partial* | Partial**
Windows Vista | ✓ | N/A | ✓ | Partial**
Windows 7 [20] | ✓ | N/A | ✓ | ✓
Windows 8 | ✓ | N/A | ✓ | ✓
Windows 10 | ✓ | N/A | ✓ | ✓
Windows Server 2003 / 2003 SP1 | ✗ | ✗ | ✗ | ✗
Windows Server 2003 SP2 + MS13-095 | ✓ | ✓ | ✓ | ✗
Windows Server 2008 | ✓ | ✓ | ✓ | Partial**
Windows Server 2008 R2 [20] | ✓ | ✓ | ✓ | ✓
Windows Server 2012 & 2012 R2 | ✓ | ✓ | ✓ | ✓
Windows Mobile 5 | ✗ | N/A | ✗ | N/A
Windows Mobile 6 | ✗ | N/A | ✗ | N/A
Windows Phone 7 | ✓ | N/A | ✓ | N/A
Windows Phone 8 | ✓ | N/A | ✓ | N/A





Notes on "Partial" compatibility:

* S/MIME:

Outlook on Windows XP SP3 can utilize certificates signed with SHA-256 but cannot validate an e-mail signed using the SHA-256 hashing algorithm.

By default Outlook signs with SHA1 even if a SHA2 cert is in use though this behavior can be changed if desired.



** Code Signing:

Code can be signed with a SHA2 cert on any of the systems listed as having partial or full compatibility without issue.

There is an incompatibility with SHA2 signed kernel drivers on the partially compatible platforms. Kernel drivers signed with SHA2 certs will not install on systems listed as having "Partial" compatibility.



E-Mail Clients



The signature hash algorithm on the certificate itself is independent of the signature hash placed on an e-mail. For example, Outlook 2003 on XP SP3 can use a certificate signed with SHA-256 to sign and encrypt e-mails, but the signature on the e-mail itself will be limited to SHA1.
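To tell which of the two hashes a given certificate actually carries (the hash that signs the certificate, as opposed to the hash used on a message), here is an added, standard-library-only Python check; it is not part of the original article. It walks the DER structure to the signatureAlgorithm field and, going one step beyond the table, also verifies that the inner tbsCertificate.signature field agrees with it, as RFC 5280 requires. The build_sample_cert helper and the skeleton certificate it produces are constructed for illustration only.

```python
"""Report which hash algorithm signs a DER X.509 certificate (stdlib only)."""

# DER-encoded signature-algorithm OIDs (hex): sha1 is the legacy case.
SIG_ALG_OIDS = {
    "2a864886f70d010105": "sha1WithRSAEncryption",    # 1.2.840.113549.1.1.5
    "2a864886f70d01010b": "sha256WithRSAEncryption",  # 1.2.840.113549.1.1.11
    "2a8648ce3d040302": "ecdsa-with-SHA256",          # 1.2.840.10045.4.3.2
}

def _tlv(buf, pos):
    """Read one DER TLV at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def _alg_oid_hex(buf, pos):
    """Hex of the OID inside an AlgorithmIdentifier SEQUENCE starting at pos."""
    tag, pos, _ = _tlv(buf, pos)
    tag2, start, end = _tlv(buf, pos)
    if (tag, tag2) != (0x30, 0x06):
        raise ValueError("expected AlgorithmIdentifier")
    return buf[start:end].hex()

def certificate_signature_algorithm(der):
    """Name (or hex OID) of the algorithm that signed this certificate. Also
    checks tbsCertificate.signature equals Certificate.signatureAlgorithm, as
    RFC 5280 4.1.2.3 requires; a mismatch means the certificate is malformed."""
    _, pos, _ = _tlv(der, 0)            # Certificate ::= SEQUENCE
    _, tbs, tbs_end = _tlv(der, pos)    # tbsCertificate ::= SEQUENCE
    if der[tbs] == 0xA0:                # optional [0] EXPLICIT version
        tbs = _tlv(der, tbs)[2]
    tbs = _tlv(der, tbs)[2]             # skip serialNumber INTEGER
    inner, outer = _alg_oid_hex(der, tbs), _alg_oid_hex(der, tbs_end)
    if inner != outer:
        raise ValueError("signature algorithm mismatch: %s vs %s" % (inner, outer))
    return SIG_ALG_OIDS.get(outer, "unknown OID " + outer)

def build_sample_cert(oid_hex, tbs_oid_hex=None):
    """Constructed skeleton (NOT a real certificate) carrying the given signature
    OID; issuer, validity, subject and key are omitted since only OIDs are read."""
    der = lambda tag, body: bytes([tag, len(body)]) + body  # all bodies < 128 B
    alg = lambda oid: der(0x30, der(0x06, bytes.fromhex(oid)) + der(0x05, b""))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01")
              + alg(tbs_oid_hex or oid_hex))
    return der(0x30, tbs + alg(oid_hex) + der(0x03, b"\x00\x00"))  # dummy sig
```

Feed certificate_signature_algorithm() the DER bytes of a real certificate (for example, a PEM file with the header and footer stripped and the body base64-decoded) to see whether it is SHA-1 or SHA-256 signed.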



E-Mail Client | Verify SHA-1 Signed E-Mail | Verify SHA-256 Signed E-Mail | Send SHA-1 Signed E-Mail | Send SHA-256 Signed E-Mail
Mozilla Thunderbird 1 - 4 [21] | ✓ | ✗ | ✓ | ✗
Mozilla Thunderbird 5 - 37 [4] [21] | ✓ | ✓ | ✓ | ✗
Mozilla Thunderbird 38+ [22] | ✓ | ✓ | ? | ✓
IBM Notes 8 [8] | ✓ | ✗ | ✓ | ✗
IBM Notes 9 [8] | ✓ | ✓ | ✓ | ✓
Microsoft Entourage 2004 [17] | ✓ | ✗ | ✓ | ✗
Microsoft Entourage 2008 [17] | ✓ | ✓ | ✓ | ✓
Microsoft Outlook 2003 & 2007 on XP SP3 [1] [2] | ✓ | ✗ | ✓ | ✗
Microsoft Outlook 2007 on Windows Vista [1] [2] | ✓ | ✓ | ✓ | ✓
Outlook for Mac 2011 [17] | ✓ | ✓ | ✓ | ✓

Set Outlook Hash Algorithm to SHA-1

Outlook 2003: Tools > Options > Settings > Security > Settings > Hash Algorithm > SHA1

Outlook 2007, 2010, 2013: File > Options > Trust Center > Trust Center Settings > E-Mail Security > Settings > Hash Algorithm > SHA1



Document Signing

Application | Place SHA1 Signature with SHA-256 certificate | Place SHA2 Signature with SHA-256 certificate | Validate SHA2 Signature
LibreOffice 4 [7] | ✓ | ✗ | ✗
Microsoft Office 2003, 2007 [7] | ✓ | ✗ | ✗
Microsoft Office 2010, 2013 | ✓ | ✓ | ✓
Adobe Acrobat 8.0+ | ✓ | ✓ | ✓
Adobe Reader 8.0+ | ✓ (See Note) | ✓ (See Note) | ✓



Note: Adobe Reader 8+ can place signatures with a Digital ID if the functionality has been enabled via Adobe Acrobat Professional.



Adobe Acrobat and Adobe Reader are compatible with SHA-256 certs as of version 8.0, but still place SHA1 signatures by default. As of version 9.1, Acrobat and Reader prefer SHA-256 for the signature hash if it is available, and otherwise fall back to SHA1. SHA-2 signatures can be made the preferred choice in versions prior to 9.1 through edits to the registry.



Digital signatures placed with newer versions of Microsoft Office may not be backwards compatible with older versions. Legacy compatibility can be specified manually.



Office 2003 - 2010 work with SHA-2 certs, but place SHA1 signatures. Office 2013 uses SHA2 as the default signature hash when available. You can specify the signature hash in Office 2010 & 2013 via the registry.





Windows Code Signing

Operating System | Executables | Kernel Drivers | VBA Macros: Office 2003, 2007 | VBA Macros: Office 2010 | VBA Macros: Office 2013
Windows XP (SP1, SP2) | ✗ | ✗ | ✗ | ✗ | N/A
Windows XP SP3 | ✓ | ✗ | ✗ | ✓ | N/A
Windows Vista [15] | ✓ | ✗ | ✗ | ✓ | N/A
Windows 7 [20] | ✓ | ✓ | ✗ | ✓ | ✓
Windows 8 | ✓ | ✓ | ✗ | ✓ | ✓
Windows 10 | ✓ | ✓ | ✗ | ✓ | ✓



Office 2010 on Windows 7 requires hotfix KB 2598139 to add SHA-256 support for code signing certs.



Windows 7 and Windows Server 2008 R2 require KB 3033929 to validate SHA-2 signed kernel drivers. This update is not available for XP, Vista, 2003, or 2008.



For a more detailed look at hash algorithm support on both certificates & file digests in Windows, read the Windows Code Signing Hash Algorithm Support article.



Tool | Minimum Version
Visual Studio Tools for Office (VSTO) [16] | 10.0.50325

SafeNet iKey / eToken Compatibility

Device | Works with SHA2 Certificate | Place SHA1 Signature | Place SHA2 Signature
iKey 4000 [5] | ✓ | ✓ | ✗
eToken 5100 [6] | ✓ | ✓ | ✓



Mainframe

Platform | Minimum Version
IBM z/OS [11] | v1r10



Citrix Support

Product | Minimum Version
Citrix Receiver | Varies - See PDF



Sources

[1] SHA2 and Windows.

[2] Common questions about SHA2 and Windows.

[3] OpenSSL 0.9.8 Branch Release notes

[4] Bug 222179 - User preferences should control ciphers used when sending encrypted S/MIME messages

[5] iKey 4000 Specifications

[6] eToken 5100 Specifications

[7] Verified In-House

[8] IBM Notes SHA2 Support

[9] IBM Domino Planned SHA-2 Support

[10] IBM HTTP Server

[11] IBM z/OS

[12] GnuTLS

[13] .NET Security Blog

[14] Security Advisory 2949927 (SHA-2 Hash Support for Kernel Drivers - Currently Retracted)

[15] SHA-2 Signed Executables Windows Vista & Server 2008

[16] VSTO Runtime Update to Address “Unknown Publisher” for SHA256 Certificates

[17] Digital Certificate Requirements (Technet)

[18] Mozilla NSS 3.8 Release Notes

[19] Java 1.4.2 Release Notes

[20] Availability of SHA-2 Code Signing Support for Windows 7 and Windows Server 2008 R2

[21] Add recognition of SHA-2 hashes when verifying S/MIME messages

[22] Thunderbird 38 Release Notes

[23] MYSQL 5.5 Release Notes

[24] PostgreSQL 8.1 Release Notes

[25] PostgreSQL 8.2 Release Notes

[26] PM62842: Web Services Security Runtime Update to Support SHA-2 Signature Algorithms

[27] Oracle Weblogic - Configuring SSL

[28] Certificate Requirements for Federation Servers

[29] Release Notes for the Cisco ASA 5500

[30] App Transport Security Technote