changing certificate settings to SHA2 only breaks Client Automation

Document ID : KB000097848
Last Modified Date : 23/05/2018
Show Technical Document Details
Client has both SHA1_1024 and SHA2_2048 certificates on all systems and things work fine. When changing the configuration policy to use SHA2_2048 only, nothing works.
Any supported Windows environment running ITCM / ITCA version 14 SP1
code bug
Code fix T55L059 -  PROBLEM SYMPTOM: WIN-CUSTOM CERTIFICATE AUTHENTICATION obtained by support per request
Additional Information:
While the fix description lists only two scenarios, it has been proven to work in other cases as well:

                 Custom certificate authenticaion fails for SD
                 modules when DSM gui is opened in the below two
                 1) Manager is SHA1 & SHA2 supported and explorer
                 machine is only SHA1 supported.
                 2) Manager is only SHA1 supported and explorer
                 machine is SHA1 & SHA2 supported