SHA-2 server and browser compatibility

In the nearest future all trusted certificates within the industry will be signed with the SHA-2 signature algorithm only, as the certificates signed with SHA-1 are considered to be vulnerable. The full transition to SHA-2 is already applied to the certificates we offer. It is time to check whether the software you are using is compatible with SHA-2. The new and updated versions of the software are released by vendors to satisfy the new security standards.

Below we provided the list of the SHA-2 compatible servers, browsers and Operating Systems.

We used various sources for the list creation, but we cannot guarantee that all the data provided below is accurate. It is highly recommended to research your software solely or to inquire into the matter directly with your vendors before SHA-2 signature algorithm certificates implementation.

Operating Systems

Browsers

Servers

Android 2.3+

Adobe Acrobat/Reader 7

Apache server with OpenSSL 0.9.8o+

Apache 2.x or higher, with OpenSSL 1.1.x or higher *

Apple iOS 3.0+

Blackberry 5+

Cisco ACE module software version A4(1.0)

Apple OS X 10.5+

Chrome 26+

Citrix Receiver models*

Blackberry 5.0+

Firefox 1.5+

Mac 11.8.2

ChromeOS

Internet Explorer 7+ and higher

Internet Explorer 7+ under Vista

Internet Explorer 7+ under Windows XP SP3

Windows Server 2008+

Windows Server 2003

Windows Server 2003 or XP client

Windows 7

Windows Vista

Windows Phone 7+

Windows Server 2003 SP2 +Hotfixes (Partial)

Windows Server 2003 with MS13-095 installed

Windows Server 2008, 2008 R2

Windows XP SP3+*


Java 1.4.2+ based products

IBM HTTP Server 8.5 (bundled with Domino 9)


Konqueror 3.5.6+

Java based servers – Java 1.4.2+


Mozilla 1.4+

Mozilla NSS based servers - 3.8+


Netscape 7.1+

OpenSSL based servers – OpenSSL 0.9.8o+


Opera 9.0+

Oracle WebLogic from the version 10.3.1+


Products based on OpenSSL 0.9.8o+



Safari from Mac OS X 10.5+



Windows Phone 7+



Servers which do not support SHA-2

Juniper SBR

IBM Domino ( * but, HTTP proxy server can handle the inbound HTTPS requests with the SHA-2 signature algorithm used)

Citrix Receiver models

Linux 13.0

IOS 5.8.3

Android 3.4.13

HTML 5 1.2

Playbook 1.0

Blackberry 2.2 / BlackBerry 1.0 Tech Preview

Cisco ACE module software versions A2 and A3

      
       Reference resources:

SHA-2 compatibility with Windows products by Microsoft: http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx

Apache documentation http://httpd.apache.org/docs/current/mod/mod_ssl.html

According to Citrix Receiver Features table: http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/citrix-receiver-feature-matrix.pdf?accessmode=direct

IBM server and HTTP proxy: https://www-01.ibm.com/support/docview.wss?uid=swg27041958

Comments

We welcome your comments, questions, corrections and additional information relating to this article. Your comments may take some time to appear. Please be aware that off-topic comments will be deleted.

If you need specific help with your account, feel free to contact our Support Team. Thank you.

Need help? We're always here for you.

× Close