Configure legacy hashing algorithm

Supported on: At least Windows Server 2008 R2 or Windows 7

Registry

HKCU software\policies\microsoft\office\16.0\common\signatures

Options

legacyhashalg enum

MD5 -> md5
SHA1 -> sha1
SHA256 -> sha256
SHA384 -> sha384

Description

This policy setting allows you to configure whether Office displays a digital signature as legacy when it contains specific hash algorithms. If you enable this policy setting, you can specify the weakest hash algorithm that Office treats as legacy. You can specify any of the following algorithms: - MD5 - SHA1 - SHA256 - SHA384 If you don’t configure this policy setting, Office treats digital signatures containing SHA1 or better as valid. For example, if you set SHA256 as the legacy hashing algorithm, Office treats SHA384 signatures as valid.