Windows Server 2016

Upgrading Windows PKI from SHA1 to SHA2

Wednesday, June 7, 2017

As I’m sure most of us know by now, SHA1 cryptography hashes have been increasingly under attack, and are now regarded as fully broken. In fact, my use of “now” kinda understates the point; you should be urgently looking to upgrade to SHA2 if you have any devices or servers using certificates. If you’re not aware of these risks then please look around. There are some good introductory articles on the entrust website that talk about this issue, but please note that these articles are from 2014 and somewhat understand the urgency of the issue.

Continue reading →

Migrating from ADFS 2.1 to 4.0

Sunday, October 2, 2016

{There was a section here on converting Windows 2016 server eval to full version for enterprise customers, but as Windows 2016 is properly out there now it seems pointless. I've pasted what was here into the comments below in case anyone needs it} Upgrading ADFS The first question after deciding to roll out a new version of Windows server into your organisation is what to deploy first, and the answer for me, at least, turned out to be ADFS 4.

Continue reading →