Windows Enforcement of Authenticode Code Signing and Timestamping has recently announced a change where Windows (version 7 and higher) and Windows Server will no longer trust any code that is signed with a SHA-1 code signing certificate and that contains a timestamp value greater than January 1, 2016. More information about this announcement is documented here .
Recently customers have asked about the impact of the above policy on SQL Server Products. SQL server utilizes SHA-1 in the following places that are not affected by this windows policy:
If you are using secure communications between the client and the SQL Server instance, then we recommend using the guidelines mentioned in our documentation for using a certificate for encrypted communications. We are also exploring the option of moving to a self-signed certificate which does not use SHA-1.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.