List of Operating Systems, Browsers, and Servers Which Support SHA-256Hashes in SSL Certificates
Revised as of: September 8, 2014
The CA SecurityCouncil (CASC) has compiled thefollowing lists of operating systems (OS), browsers,and servers which we believesupport SHA-256 hashing in SSL certificates,as wellas a partial list of servers which apparently do not. Weare providing these listsas a starting point to help enterprisescheck their systems for SHA-256 compliance.
These lists werecompiled from various sources aslisted below. CASChas not independently tested the reported dataand cannot guarantee that allentries on the lists are accurate. Inpreparing your systems to be SHA-256 compliant, CASC recommends youindependently research yourown operating systems, browsers, and servers and obtain confirmation from your vendors before proceeding.
OS, Browsers,and Servers which reportedly support SHA-256 intheir entirety
Operating Systems/Other– support SHA-256
Android 2.3+
Apple iOS3.0+ Apple OS X 10.5+ Blackberry5.0+ ChromeOS Windows 7
Windows Outlook 2003+ running on Service Pack 3 (partial), completeon Windows Vista
Windows Phone 7+
Windows Server2003 SP2 +Hotfixes (Partial)Windows Server 2003with MS13-095 installed WindowsServer 2008
Windows Server2008 R2 Windows Vista
Windows XP SP3+
Browsers – support SHA-256
Adobe Acrobat/Reader 7
Blackberry 5+
Chrome 26+ Chromeunder Linux
Chrome under Macfrom Mac OS X 10.5
Chrome underWindows Vista and higherFirefox 1.5+
Internet Explorer 7+and higher Internet Explorer7+ underVista
Internet Explorer 7+under Windows XP SP3 Java 1.4.2+based products
Konqueror 3.5.6+
Mozilla 1.4+
Mozilla products basedon NSS3.8+ (since April 2003) Netscape 7.1+
Opera 9.0+
Products based onOpenSSL 0.9.8o+ Safari from Mac OSX 10.5+ Windows Phone 7+
Servers – support SHA-256
Adobe Acrobat/Reader 7
Blackberry 5+
Chrome 26+ Chrome underLinux
Chrome under Macfrom Mac OS X 10.5 Chrome underWindows Vista and higherFirefox 1.5+
Citrix Receiver models– see URL* Internet Explorer7+ andhigher Internet Explorer 7+under Vista
Internet Explorer 7+under Windows XP SP3 Java 1.4.2+based products
Konqueror 3.5.6+
Mozilla 1.4+
Mozilla products basedon NSS3.8+ (since April 2003) Netscape 7.1+
Opera 9.0+
Products based onOpenSSL 0.9.8o+ Safari from Mac OSX 10.5+ Windows Phone 7+
Servers which reportedly DO NOT support SHA-256 in theirentirety
Servers Juniper SBR IBMDomino
Citrix Receiver models– see URL* Linux 13.0
IOS 5.8.3
Android 3.4.13
HTML 5 1.2
Playbook 1.0
Blackberry 2.2 / BlackBerry1.0 Tech Preview CiscoACE module software versions A2and A3
*Citrix Receiver modelsURL (see table): http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/citrix- receiver-feature-matrix.pdf?accessmode=direct
Sources:
https://www.tbs-certificates.co.uk/FAQ/en/477.html https://www.tbs-certificates.co.uk/FAQ/en/476.html https://support.servertastic.com/sha2-sha256-compatibility/ http://kb.juniper.net/InfoCenter/index?page=content&id=KB23075
https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility http://www.entrust.com/should-you-use-sha-2/
http://www.p2vme.com/2014/02/sha2-certificates-and-citrix-receiver.html http://h10025.www1.hp.com/ewfrf/wc/document?cc=us&lc=en&dlc=en&docname=c02671280 http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx http://www.entrust.net/knowledge-base/technote.cfm?tn=8526
Fonte: CASC’S
O Blog apresenta sempre novidades sobre certificação digital. Conheça e divulgue.