SHA256 Code Signing and Microsoft 2008 Small Business Server

After a software update on a 2008 SBS Server, we encountered a problem with the Quickbooks installation. What used to work with Quickbooks now showed an error message that there was a problem verifying the program’s signature.

Viewing the executable’s properties and looking at the Digital Signatures tab, it showed an error with the signature verification there too. I checked to executable from a 2008 R2 remote desktop server and the digital signature tab showed no problems.  Looking through the folder’s previous version for the executable from before the upgrade, it was observed that it was signed with SHA-1.  The new file was signed with SHA-256.

I was able to find the following information about code signing and 2008 SBS does not support SHA-256 signing.   https://social.technet.microsoft.com/wiki/contents/articles/31296.implementing-sha-2-in-active-directory-certificate-services.aspx .  The software vendor was notified and said they’d work on signing with SHA-1 again on next release.

Networking SBS 2008