I am checking the integrity of the gpg4win installer on Windows and I would like to check the sha256 sum of my file’s certificate. My windows (Windows 11) only show the sha1 sum of my file’s certificate. How can I check sha256? Can I do this using SignTools or another tool provided by Microsoft? (I consider files from Microsoft servers to be more trusted.)
I tried to check via User Account Control->Show more details->Show information about the publisher’s certificate->Details-> Thumbprint There’s only sha1 there.
I’m looking for sha256 because the gpg4win website(https://wiki.gnupg.org/Gpg4win/CheckIntegrity) claims it’s better than sha1.
![[Strawpoll] If PHP introduced a “high assurance” mode that required common best-practices, with tighter error handling and stricter controls over implicit behaviour…](https://www.rubin.com.np/wp-content/themes/customizr/assets/front/img/thumb-standard-empty.png)