思科安全应用上已经有相关版本作示明确提示,例如:anyconnect ,详细如下:
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect41/release/notes/b_Release_Notes_AnyConnect_4_1.htmlGuidelines and Limitations
Microsoft No Longer Supporting SHA-1
A secure gateway with a SHA-1 certificate is considered valid by a Windows endpoint until January 2017. After January 2017, Windows endpoints will no longer consider a secure gateway with a SHA-1 certificate as trusted. Ensure that your secure gateway does not have a SHA-1 identity certificate.
"Code Signing Certificates: Windows will no longer trust files with the Mark of the Web attribute that are signed with a SHA-1 code signing certificate and are timestamped after 1/1/2016." Refer to the Microsoft documentation for more details: here
Files signed before January 1st, 2016 will be valid until January 1st, 2017.
Note
Due to the code signing changes, the current AnyConnect users mustupgrade to 3.1.13011, the future version of 4.2 MR, or AnyConnect 4.3+ releases in order to keep their AnyConnect functional on Windows platforms after January 1st, 2017.