SHA2 Certificates in Windows 2003 CA - windows-server-2003

Is it possible to create a certificate template that uses SHA-2 (sha256, sha224, sha384, sha512), from a Windows server 2003 CA?
I know how to do it in Windows server 2008 based CA, with the new version (version 3) - it is possible to specify the hash algorithm (Under the "Cryptography" tab of the template properties). But is it possible in 2003 based CA?
Thanks.

http://support.microsoft.com/kb/938397 will add SHA-2 support on a 2003 server. Don't know if certificate templates with SHA-2 can be created after applying this fix.

OK. The support for SHA-2 was added on Vista (and Windows Server 2008)
So it's impossible...

Related

Code signing systems for software in Linux like Authenticode in Windows

SO!
We're developing a desktop app for Windows and using *.pfx Code Signing certificate from GlobalSign for signing code after compiling.
Now we have also started developing and building this app in Linux for Linux-based systems.
Does Linux have the similar trust systems for apps as Authenticode for Windows? Are there any CA such as GlobalSign?
From my search i only found that Linux devs either use self-signed certs (assuming themselves as CA), or trying push their apps to large soft repos such as HomeBrew., that signed them automatically.
From there: Code Signing for Linux.
And from there: Authenticode or other code signing for Mac and Linux.
That's Linux authenticate code by validation binaries once while installing the package. The package (e.g. RPM) contains a cryptographic signature that must match the contents of the files or the installer will refuse to install. But what is exactly this crypto signature and how to take this sign?
Thanks in advance!

Cant create workspace TFS from Android Studio

I installed the TFS plugin (http://java.visualstudio.com/) for Android Studio but I can not connect to the server. Any extra ideas? Thank you!
evidence image
This error can be interpreted to be the result of self-signed certificate. If the certificate in use is Self-signed or any other certificate that is private to the internal network.
Java doesn’t trust such certificates and for which, we can import the cert into the trust store and make it to work.
The link explains how the certificate import works in a Linux machine
(which is also applicable for Windows).
the “keytool” is under “\bin\keytool.exe”, and
the “cacerts” trust store is under
“\jre\lib\security\cacerts”.
should be the jre/jdk installation used by IntelliJ.
This should have resolved the above TFS connectivity failure.
Reference this article: Error: SSL certificate problem: unable to get local issuer certificate
And this thread: How to properly import a selfsigned certificate into Java keystore that is available to all Java applications by default?

Is the SMTP virtual server deprecated in IIS 7?

It seems that in IIS 7 (7.5, Windows Server 2008 R2) the SMTP virtual server is a second-class citizen, only being configurable through the IIS 6.0 compatibility-mode management tool. This arrangement leads me to wonder whether the SMTP virtual server is deprecated, or otherwise "on it's way out".
Is this accurate? Is the SMTP virtual server shipped with IIS being phased out? Is there a replacement on its way in?
TL;DR from here: Yes, it's gone. You can install IIS 6 SMTP server, but it sucks. Far better to use something like hMailServer which is free and works great.
It is recently that Microsoft started to add explicit notes to its documentation around IIS 6 SMTP service in recent Windows releases (IIS 8 and above) that deprecating this component for good,
The IIS SMTP Virtual Server Component that is mentioned in this article is part of IIS 6.0, the support for which has ended with the support of Windows Server 2003. To relay emails to Office 365, use one of the supported versions of Exchange Server.
https://learn.microsoft.com/en-us/iis/application-frameworks/install-and-configure-php-on-iis/configure-smtp-e-mail-in-iis-7-and-above#note
So literally speaking, you shouldn't use SMTP service after July 14, 2015 (end of life date for Windows Server 2003).

To check whether Office is installed in a server

How do I programmatically find whether MS OFfice is installed in a list of server in a Windows Network.
For XP Office
You have to search in registry:
HKLM\Software\Microsoft\Office\version\Common\InstallRoot
My first thought was 'why would you have Office installed in servers?' but maybe you're using the word server to mean something more general.
The link provided by Svetlozar, above, seems to be for determining if Office is installed locally, not on a list of servers in a Windows network.
Wouldn't it be considered a security risk to allow remote access to this kind of information?

HTTPS in IIS 5.1

I'm using IIS 5.1 in Windows XP on my development computer. I'm going to set up HTTPS on my company's web server, but I want to try doing it locally before doing it on a production system.
But when I go into the Directory Security tab of my web site's configuration section, the "Secure communication" groupbox is disabled. Is there something I need to do to make this groupbox enabled?
That is because IIS 5.1 under the limited Windows XP version is limited to only HTTP. You need to have a full version of IIS 6.0 on Windows 2003 to do this. Luckily you can download a VHD image of Windows 2003 from Microsoft and run it under a Virtual PC instance. Plus I would recommend this since you are trying to be careful and use a machine close to your production environment. IIS 5.1 version is never deployed as a production machine so you cannot guarantee anything and the differences between IIS 5.1 and IIS 6.0 are significant enough where the VM is worth your while.
You may need to manually create a certificate first (on WinXP there does not seem to be a built-in mechanism, so you need to use OpenSSL). Check out these two links:
Enabling SSL in IIS on Windows XP Professional
Enabling SSL (HTTPS) for IIS in Windows XP

Resources