New
#1
SHA2 Self Signed Cert
Our Nessus vulnerability scanner has been flagging our computers with the following vulnerability: SSL Certificate Signed Using Weak Hashing Algorithm
Basically what it's telling us is that we need to upgrade the local Remote Desktop Certificate from SHA1 to SHA2.
These certificates are self-signed and self-generated by the local machine. If you look at the certificate you'll see that theIssued to: and Issued by: fields show the name of the local machine.
The question is: how do these auto-generated, self-signed certificates, which are currently SHA1, get upgraded to SHA2? Remember, these are not created by the local Enterprise CA, they're auto-generated by the local machine itself for Microsoft-branded software such as AD and RDC.
Looking for ideas/suggestions on how to do this.