How to enable SHA2 Support on Windows 7

Overview

Starting in January of 2016, Microsoft started enforcing the requirement to use SHA2 in digital certificates, rather than the older SHA1 method which has been shown to have security vulnerabilities. SHA2 is a name for a set of hash algorithms that includes SHA256. SHA2 support is standard in Windows 8.1 and above as part of the move from CAPI to CNG.  However, it was not supported in Windows 7.

The Charismathics products that use the TPM on Windows 7 require support of SHA256. This requires the installation of the following 2 system installs.

KB3033929

If you are up to date on your Windows 7 SP1 updates, this should already be installed. 
Information: https://support.microsoft.com/en-us/kb/3033929
Download: http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB3033929

KB2921916

This system install is not part of standard updates. It is a hotfix, and needs to be installed manually.
Information: https://support.microsoft.com/en-us/kb/2921916
Download: 471834_intl_x64_zip.exe

Installation

Download Windows6.1-KB3020369-x64.msu.

Download 471834_intl_x64_zip.exe and run to extract the following update file: Windows6.1-KB2921916-x64.msu.
Copy the files to a directory, for example c:\tmp

Run the following command from an elevated command prompt:

wusa.exe c:\tmp\Windows6.1-KB2921916-x64.msu
wusa.exe c:\tmp\Windows6.1-KB2921916-x64.msu

 

 

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk