About this update
After you apply this update, the signature and hash algorithm combinations for RSA\SHA512 and ECDSA\SHA512 are enabled for the Transport Layer Security (TLS) 1.2 protocol. This means that you can now use SHA512 certificates on your computer.
If you currently use SHA512 certificates, and do not have this update installed, you may have problems in one or more of the following scenarios by using TLS 1.2:
Notes
If you currently use SHA512 certificates, and do not have this update installed, you may have problems in one or more of the following scenarios by using TLS 1.2:
- Internet Protocol security (IPsec) stand-alone
- IPSec with DirectAccess
- Microsoft Lync Server 2013
- Remote Desktop Services (RDP)
- SSL websites
- SSL based VPN
- Web applications
Notes
- RSA\SHA512 means that the RSA signature algorithm is combined with SHA512 hash algorithm.
- ECDSA\SHA512 means that the Elliptic Curve Digital Signature Algorithm (ECDSA) is combined with SHA512 hash algorithm.
How to obtain this update
Important Do not install a language pack after you install this update. If you do, the language-specific changes in the update will not be applied, and you will have to reinstall the update. For more information, see Add language packs to Windows.
For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
For Windows 8.1 or Windows Server 2012 R2
The following update rollup is available:For Windows 8 or Windows Server 2012
The following update rollup is available:For Windows 7 or Windows Server 2008 R2
Method 1: Windows Update
This update is available from Windows Update.Method 2: Microsoft Download Center
The following files are also available for download from the Microsoft Download Center:Operating system | Update |
---|---|
All supported x86-based versions of Windows 7 | ![]() |
All supported x64-based versions of Windows 7 | ![]() |
All supported x64-based versions of Windows Server 2008 R2 | ![]() |
All supported IA-64-based versions of Windows Server 2008 R2 | ![]() |
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file. Update detail information
Prerequisites
There is no prerequisite to apply this update.Registry information
To apply this update, you do not have to make any changes to the registry.Restart requirement
You have to restart the computer after you apply this update.Update replacement information
This update does not replace a previously released update.Status
Microsoft has confirmed that SHA512 hash algorithm is turned off by default for the TLS 1.2 protocol in the Microsoft products that are listed in the "Applies to" section.
More Information
By default, the TLS hash algorithm SHA512 is disabled for the TLS 1.2 protocol on a computer that is running one of the affected products that are listed in this article. Therefore, you cannot use SHA512 as a hash algorithm between two computers that are using TLS 1.2 until you install the required updates that are listed in this article.
For more information about TLS, go to the following Microsoft website:
For more information about SHA512, go to the following Wiki website:
For more information about how to deploy SHA512 certificates on client computers, go to the following Microsoft website:
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
For more information about TLS, go to the following Microsoft website:
For more information about SHA512, go to the following Wiki website:
For more information about how to deploy SHA512 certificates on client computers, go to the following Microsoft website:
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates