Hi,

On November 12, 2013, Microsoft announced that it's deprecating the use of the SHA-1 algorithm in SSL and code signing certificates. The Windows PKI blog post "SHA1 Deprecation Policy" states that Windows will stop accepting SHA-1 end-entity certificates by January 1, 2017, and will stop accepting SHA-1 code signing certificates without timestamps after January 1, 2016. This policy officially applies to Windows Vista and later, and Windows Server 2008 and later, but it will also affect Windows XP and Windows Server 2003.

What does this mean to our FIM CM infrastructure?

1. If we update our FIM CM integrated CA to use SHA-2, will FIM CM continue to work as usual?
2. Will we need to update anything on the FIM CM server (like update the fingerprint? or anything else?)
3. Will we need to renew all our Smart Cards, or will they continue to work?

Thank you,

SK