Hi,
We currently have a single Root CA (AD integrated) in our organization and it uses SHA-1. We have issued some certificates internally by using this CA. So now we need to migrate the certificate from SHA-1 to SHA-2.
We have tested the migration in our test environment by using the command below:
certutil -setreg ca\csp\CNGHashAlgorithm SHA256
Once we run this command weobserved the Thumbprint algorithm as still to be SHA1 after upgrade of the CA from SHA1 to SHA2. Although the signature & signature hash alogrithm are SHA 256..
The other thing is we need to migrate the certificates which is issued by using SHA1 to SHA2. what are the step recommended for it?