SHA-256, also known as SHA-2 support is available for Code Signing starting April 1st, 2013 at no extra charge. SHA-2 was developed by National Institute of Standards and Technology (NIST) and is the recommended cryptographic hash function to replace SHA-1 by the end of 2014.
The option for SHA-2 is available through the ordering pages, reissue process and via the API for QuickOrder, QuickInvite and Reissue.
Some older applications and operating systems may not support SHA-2, for example, Windows XP Service Pack 2 or lower does not support the use of SHA-2. Java SDK 1.4.2 or higher needs to be installed and used on the server for SHA-2 support for Java server support.
For Windows environment, please refer to the following blog for SHA-2 deployment:
Java SDK 1.4.2 or higher for SHA-2 deployment on Java servers.
In addition, Apache version 2.x or higher is required to support SHA-2 on Apache based servers and Open SSL 1.1.x will be required for certificate signing request and private key generation.
SHA-2 support is available to you as an option in securing your code signing certificates. Please check with your Security Officer on your corporate policy.