Problem
As of January 2017 support for the SHA-1 hash algorithm will be discontinued and will be regarded as invalid by all browsers and operating systems.
We presume that as early as January 2016, it will come to error or alarm messages in leading browsers and operating systems if the hash algorithm for end uders/end devices is not SHA-256 or higher.
Solution
The current versions of iQ.Suite and Crypt Pro KeyManager support certificates with the hash algorithm SHA-256.
The use of SHA-256 S/MIME certificates is supported by Crypt Pro KeyManager, Version 3.5.5 and the following iQ.Suite versions:
- iQ.Suite Exchange/SMTP 12.1 and higher
- iQ.Suite Exchange/SMTP 13.1 and higher
- iQ.Suite Domino 16.0 and higher
- iQ.Suite Domino 17.2 and higher
This refers to encryption and signature verification.
Further information
The following iQ.Suite versions are affected:
- iQ.Suite Domino Version 16.0.3 and higher
- iQ.Suite Exchange/SMTP Version 12.1.5 and higher
- iQ.Suite Crypt Pro KeyManager 3.5.5 and higher