In my work environment we use a trusted CA for our internal SSL certs, and currently using SHA-1. A current project has me researching SHA-2 as part of the SHA-1 deprecation, and I am wondering why we don't just use our own self-signed ssl certificates if all it is used for is internal server to server communication? I am doing some research and I am quite confused as to the exact date Microsoft will stop accepting SHA-1 certificates. See google search link below. (Does this pertain to both desktop and server OS's?)
I am under the impression that Windows (desktop and server OS) will prompt our users to trust the certificate on 1/1/2017 if the ssl certificate is SHA-1.
Can someone please clarify what is going to happen once SHA-1 is deprecated, "as per Microsoft"?
Thank you in advance!!!