1. Open command prompt as Administrator

2. Upgrade the hashing algorithm to sha256:

certutil -setreg ca\csp\CNGHashAlgorithm SHA256

3. Renew the Certificate by going to MMC > Certification Authority (Local) Snap In. Right-click the CA and select Renew All Tasks > Renew CA Certificate. Select whether you want to keep the existing keys or create new ones

4. Check sha256 is now in place – Certificate Authority > Right click domain > Properties > View Certificate > Details

Credit goes to https://support.symantec.com/en_US/article.TECH246255.html

Written by Matt Cooper
Hi, I'm Matt Cooper. I started this blog to pretty much act as a brain dump area for things I learn from day to day. You can contact me at: matt@matthewc424.sg-host.com.