For security reasons and in connection with an Interior Ministry's regulation, the Czech Post will switch to certificates with the SHA-2 algorithm support and a minimum necessary length of 2048 bits for the encryption algorithm key.

The change will mostly affect users of the Client Zone, which is a part of Czech Post's website, and online services available in the Client Zone (such as Online Posting).

Users are advised to check their browsers and operating systems for compatibility with the SHA-2 algorithm-based certificates.

For instance, those who log in to the Client Zone via Internet Explorer and use an operating system that does not support an SHA-2 certificate (see the table below) will not be able to log in to the Client Zone once the certificates have changed.

All Mozilla Firefox or Opera users will have no problem.

Table of supported operating systems for working with SHA-2 certificates in the IE browser.

Operating system	SHA-2 certificate validation support
Windows 2000	X
Windows XP before SP3	X
Windows XP after SP3	OK
Windows Server 2003	OK must have hotfix KB 938397 installed
Windows Vista	OK
Windows 7	OK
Windows Server 2008	OK

Users without installed PostSignum certificates who will try to log in will see a warning informing them about the change, or their login attempt will fail.

Such users are advised to confirm the trustworthiness of the PostSignum certification authority and install the necessary root certificates onto their computer or browser.

You can find more information about the root certificates on PostSignum.cz.

If you have any query about or problem with installation of the certificates, please contact the HelpDesk of Czech Post's Certification Authority (phone: 840 11 12 44, email: helpdesk-ca@cpost.cz).