Tripredacus Posted March 2, 2022 Share Posted March 2, 2022 I am having some difficulty working with a driver because the countersignature cannot be read, and that uses SHA384. I read one various sites, such as this: https://social.technet.microsoft.com/Forums/en-US/44f02720-ec1d-4ddd-a985-b1d1f23488ea/needed-2-ciphers-in-windows-7 That Windows 7 does not support SHA384 officially, but I was wondering if there is any known way of being able to read these types of certificates. Link to comment Share on other sites More sharing options...
Dixel Posted March 3, 2022 Share Posted March 3, 2022 (edited) It does , it's included in the updates, at least someone got it to work. Sorry , don't use win 7 myself to confirm. "After installing today's patches. I found that the cipher suites, signature algorithms and elliptic curves on Windows 7 were updated. Document is here: Microsoft Security Bulletin MS14-066 - Critical https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-066 User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko signature algorithms: SHA512/RSA, SHA512/ECDSA, SHA256/RSA, SHA384/RSA, SHA1/RSA, SHA256/ECDSA, SHA384/ECDSA, SHA1/ECDSA, SHA1/DSA" https://success.qualys.com/discussions/s/question/0D52L00004TnujbSAB/microsoft-updated-the-cipher-suites-on-windows-7 Edited March 3, 2022 by Dixel sec. link 2 Link to comment Share on other sites More sharing options...
mshultz Posted March 3, 2022 Share Posted March 3, 2022 This article explains what patches need to be installed for SHA-2 support: https://support.microsoft.com/en-us/topic/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus-64d1c82d-31ee-c273-3930-69a4cde8e64f 1 Link to comment Share on other sites More sharing options...
Tripredacus Posted March 3, 2022 Author Share Posted March 3, 2022 A little from both, I have now resolved this issue. It is weird because I'm certain I had previously installed some SHA2 support on that system already. I can read the certs now on the driver but still having an issue using them, it must be unrelated. Link to comment Share on other sites More sharing options...
Dixel Posted March 4, 2022 Share Posted March 4, 2022 12 hours ago, Tripredacus said: I have now resolved this issue. It is weird because I'm certain I had previously installed some SHA2... Could it be because they have different SHA-2 updates versions ? And ,as far as I know, they were later included inside of the big all-in-one rollup packs. 2 Link to comment Share on other sites More sharing options...
mshultz Posted March 4, 2022 Share Posted March 4, 2022 The August 2018 Windows 7 x64 ISO I got from Microsoft included the SHA-2 update. That saved me the trouble of having to install it prior to installing the Nvidia video driver. Link to comment Share on other sites More sharing options...
TSNH Posted March 4, 2022 Share Posted March 4, 2022 There were at least 3 Windows 7 updates that claimed to add/update SHA-2 support in Windows 7: KB2949927 from 2014 - https://support.microsoft.com/kb/2949927 KB3033929 from 2015 - http://support.microsoft.com/kb/3033929 KB4474419 from 2019 - https://support.microsoft.com/help/4474419 And some more info here: https://aka.ms/sha1deprecation Interestingly this Microsoft article mentions the 2019 update as the first one Link to comment Share on other sites More sharing options...
Tripredacus Posted March 4, 2022 Author Share Posted March 4, 2022 I had used KB2868725, KB4474419 v3 and KB4490628 The system is completely isolated on the network so it can't do things like update the root certificate list. Which I did download but there is no instruction on how to use it. I had gotten the link from Event Viewer as a log was made every time I looked at the cert on the file in question. These updates made that event log go away also. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now