

Certificates - Differences between "Signature algorithm" and "Signature Hash Algorithm"

Question

Thursday, September 24, 2015 7:25 AM

Can someone explain to me the differences between these attributes in certificates issued by a Microsoft CA: Signature Algorithm and Signature Hash Algorithm.

For example Signature Algorithm: SHA256RSA

and Signature Hash Algorithm: SHA256

Can someone also explain how they are used, and when, please?

Glenn Camilleri

All replies (1)

Thursday, September 24, 2015 5:51 PM ✅Answered | 1 vote

They are used to determine the signature algorithm and hash function used to sign the certificate. This information is used by the certificate chaining engine to validate the signature of the certificate. The certificate chaining engine calculates a hash over the certificate (the signed part). The hash method is selected from the Signature Hash Algorithm field. Then the certificate chaining engine decodes the attached signature using the signature algorithm specified in the Signature Algorithm field and recovers the signed hash. If both hashes match, the signature is valid; if they differ, the signature is considered invalid.

Vadims Podāns, aka PowerShell CryptoGuy
My weblog: www.sysadmins.lv
PowerShell PKI Module: pspki.codeplex.com
Check out new: SSL Certificate Verifier
Check out new: PowerShell File Checksum Integrity Verifier tool.
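The verification procedure described in the answer above, as an added example that is not part of the original thread or of the PSPKI project. It is written in Go because the standard library can build and parse a certificate offline: a throw-away self-signed certificate is created with sha256RSA (constructed test data, not a real CA certificate), the composite Signature Algorithm is split into the key algorithm and the hash it embeds (the two fields the Windows certificate viewer shows), and the signature is then checked the way the answer describes: hash the signed part (tbsCertificate) with the Signature Hash Algorithm, recover the signed hash from the signature with the issuer's public key, compare. A tampered copy of the signed part shows the mismatch case. The function names are this example's own.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	_ "crypto/sha1"
	_ "crypto/sha256"
	_ "crypto/sha512"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// splitSignatureAlgorithm mirrors the two fields the Windows certificate viewer
// shows: the composite "Signature Algorithm" (e.g. sha256RSA) and the hash it
// embeds ("Signature Hash Algorithm", e.g. sha256). Only the RSA PKCS#1 v1.5
// algorithms a Microsoft CA commonly issues are mapped here.
func splitSignatureAlgorithm(alg x509.SignatureAlgorithm) (composite, hash string, h crypto.Hash, ok bool) {
	switch alg {
	case x509.SHA1WithRSA:
		return "sha1RSA", "sha1", crypto.SHA1, true
	case x509.SHA256WithRSA:
		return "sha256RSA", "sha256", crypto.SHA256, true
	case x509.SHA384WithRSA:
		return "sha384RSA", "sha384", crypto.SHA384, true
	case x509.SHA512WithRSA:
		return "sha512RSA", "sha512", crypto.SHA512, true
	}
	return alg.String(), "", 0, false
}

// newSelfSignedCert builds a throw-away self-signed CA certificate signed with
// sha256RSA. Constructed test data for this example, not a real CA certificate.
func newSelfSignedCert() (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "example-issuing-ca (constructed)"},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(time.Hour),
		SignatureAlgorithm:    x509.SHA256WithRSA, // becomes the Signature Algorithm field
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, nil, err
	}
	return cert, key, nil
}

// verifyLikeChainingEngine follows the steps from the answer: hash the signed
// part (tbsCertificate) with the Signature Hash Algorithm, then let the key
// algorithm from Signature Algorithm recover the signed hash and compare it.
// tbs is passed separately so a caller can feed a tampered body.
func verifyLikeChainingEngine(cert *x509.Certificate, issuerKey *rsa.PublicKey, tbs []byte) error {
	_, _, h, ok := splitSignatureAlgorithm(cert.SignatureAlgorithm)
	if !ok {
		return fmt.Errorf("unsupported signature algorithm %v", cert.SignatureAlgorithm)
	}
	hasher := h.New()
	hasher.Write(tbs)
	digest := hasher.Sum(nil)
	// VerifyPKCS1v15 decodes the signature with the issuer's public key,
	// extracts the DigestInfo and compares the embedded hash with ours.
	return rsa.VerifyPKCS1v15(issuerKey, h, digest, cert.Signature)
}

func main() {
	cert, key, err := newSelfSignedCert()
	if err != nil {
		panic(err)
	}
	composite, hash, _, _ := splitSignatureAlgorithm(cert.SignatureAlgorithm)
	fmt.Println("Signature Algorithm:      ", composite)
	fmt.Println("Signature Hash Algorithm: ", hash)

	fmt.Println("intact tbsCertificate:  ", verifyLikeChainingEngine(cert, &key.PublicKey, cert.RawTBSCertificate))

	// Flip one byte of the signed part: the recomputed hash no longer matches
	// the hash recovered from the signature, so the signature is invalid.
	tampered := append([]byte(nil), cert.RawTBSCertificate...)
	tampered[len(tampered)-1] ^= 0x01
	fmt.Println("tampered tbsCertificate:", verifyLikeChainingEngine(cert, &key.PublicKey, tampered))

	// The standard library's own check does the same work in one call.
	fmt.Println("CheckSignatureFrom:     ", cert.CheckSignatureFrom(cert))
}
```

Run it with `go run .`; the intact body verifies (nil error), the tampered body fails with a verification error, and `CheckSignatureFrom` agrees with the manual steps. On a certificate from a real chain, `issuerKey` would be the issuing CA's public key rather than the certificate's own.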