In the nearest future all trusted certificates within the industry will be signed with the SHA-2 signature algorithm only, as the certificates signed with SHA-1 are considered to be vulnerable. The full transition to SHA-2 is already applied to the certificates we offer. It is time to check whether the software you are using is compatible with SHA-2. The new and updated versions of the software are released by vendors to satisfy the new security standards.
Below we provided the list of the SHA-2 compatible servers, browsers and Operating Systems.
We used various sources for the list creation, but we cannot guarantee that all the data provided below is accurate. It is highly recommended to research your software solely or to inquire into the matter directly with your vendors before SHA-2 signature algorithm certificates implementation.
|
Operating Systems |
Browsers |
Servers |
|
Android 2.3+ |
Adobe Acrobat/Reader 7 |
Apache server with OpenSSL 0.9.8o+ Apache 2.x or higher, with OpenSSL 1.1.x or higher * |
|
Apple iOS 3.0+ |
Blackberry 5+ |
Cisco ACE module software version A4(1.0) |
|
Apple OS X 10.5+ |
Chrome 26+ |
Citrix Receiver models* |
|
Blackberry 5.0+ |
Firefox 1.5+ |
Mac 11.8.2 |
|
ChromeOS |
Internet Explorer 7+ and higher Internet Explorer 7+ under Vista Internet Explorer 7+ under Windows XP SP3 |
Windows Server 2008+ Windows Server 2003 Windows Server 2003 or XP client |
|
Windows 7 Windows Vista Windows Phone 7+ Windows Server 2003 SP2 +Hotfixes (Partial) Windows Server 2003 with MS13-095 installed Windows Server 2008, 2008 R2 Windows XP SP3+* |
Java 1.4.2+ based products |
IBM HTTP Server 8.5 (bundled with Domino 9) |
|
Konqueror 3.5.6+ |
Java based servers – Java 1.4.2+ |
|
|
Mozilla 1.4+ |
Mozilla NSS based servers - 3.8+ |
|
|
Netscape 7.1+ |
OpenSSL based servers – OpenSSL 0.9.8o+ |
|
|
Opera 9.0+ |
Oracle WebLogic from the version 10.3.1+ |
|
|
Products based on OpenSSL 0.9.8o+ |
||
|
Safari from Mac OS X 10.5+ |
||
|
Windows Phone 7+ |
|
Servers which do not support SHA-2 |
|
Juniper SBR |
|
IBM Domino ( * but, HTTP proxy server can handle the inbound HTTPS requests with the SHA-2 signature algorithm used) |
|
Citrix Receiver models |
|
Linux 13.0 |
| IOS 5.8.3 |
|
Android 3.4.13 |
|
HTML 5 1.2 |
|
Playbook 1.0 |
|
Blackberry 2.2 / BlackBerry 1.0 Tech Preview |
|
Cisco ACE module software versions A2 and A3 |
Reference resources:
SHA-2 compatibility with Windows products by Microsoft: http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx
Apache documentation http://httpd.apache.org/docs/current/mod/mod_ssl.html
According to Citrix Receiver Features table: http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/citrix-receiver-feature-matrix.pdf?accessmode=direct
IBM server and HTTP proxy: https://www-01.ibm.com/support/docview.wss?uid=swg27041958
Usefulness
Updated
10/26/2015
Viewed
7170 times
Comments
We welcome your comments, questions, corrections and additional information relating to this article. Your comments may take some time to appear. Please be aware that off-topic comments will be deleted.
If you need specific help with your account, feel free to contact our Support Team. Thank you.
