Policy

Configure invalid hashing algorithm

This policy setting allows you to configure whether Office displays a digital signature as invalid when it contains specific hash algorithms. If you enable this policy setting, you can specify the weakest hash algorithm that Office treats as invalid. If you enable this policy setting, you can specify any of the following algorithms: - MD5 - SHA1 - SHA256 - SHA384 If you don’t configure this policy setting, Office won’t treat digital signatures as invalid because of the hashing algorithm. For example, if you set MD5 as the invalid hashing algorithm Office treats MD5 signatures as invalid.

Policy
Pack Microsoft Office
Category Microsoft Office 2016 / Security Settings / Digital Signatures
Policy ID 313df3e335a2
Internal name L_SelectDigitalSignatureInvalidHashingAlgorithm

Registry

Copy registry mappings

HKCU\software\policies\microsoft\office\16.0\common\signatures\invalidhashalg

Policy notes

This policy setting allows you to configure whether Office displays a digital signature as invalid when it contains specific hash algorithms. If you enable this policy setting, you can specify the weakest hash algorithm that Office treats as invalid. If you enable this policy setting, you can specify any of the following algorithms: - MD5 - SHA1 - SHA256 - SHA384 If you don’t configure this policy setting, Office won’t treat digital signatures as invalid because of the hashing algorithm. For example, if you set MD5 as the invalid hashing algorithm Office treats MD5 signatures as invalid.

Related policies

Check the XAdES portions of a digital signatureConfigure invalid DSA public key sizeConfigure invalid RSA public key sizeConfigure legacy DSA public key sizeConfigure legacy hashing algorithmConfigure legacy RSA public key sizeConfigure minimum DSA public key size