Effective February 14, 2017, Windows no longer trusts certain certificates signed with SHA-1. System Center Configuration Manager 2007 supports SHA-1 but does not support SHA-2 certificates. If you use SHA-2 certificates with Configuration Manager 2007, Configuration Manager continues to operate as expected using SHA-1 fallback.
For more information, see Windows Enforcement of SHA1 certificates.
For later versions of Configuration Manager see,
- System Center 2012 Configuration Manager and System Center 2012 R2 Configuration Manager – PKI Certificate Requirements for Configuration Manager.
- System Center Configuration Manager current branch and long term servicing branch – PKI certificate requirements for System Center Configuration Manager.