(Solved) ID6035: Cannot create a HashAlgorithm / “Object Identifier (OID) is unknown”

November 29, 2010 By David

Implementing Windows Identity Foundation on Windows Server 2003 and experiencing errors such as the following?

Exception:
System.NotSupportedException, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error Message:
ID6035: Cannot create a HashAlgorithm with name 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' using the 'System.IdentityModel.Tokens.X509AsymmetricSecurityKey' crypto provider. SHA256 may require a minimum platform of Windows Server 2003 and .NET 3.5 SP1.

The same error can occur if you try to use FedUtil.exe on Windows 2003. Attempts to do so will result in the following error message:

Object Identifier (OID) is unknown

No doubt you have ensured that you are indeed on Windows Server 2003 (doh!) and indeed have .NET Framework v3.5 with Service Pack 1.

In some cases, this error occurs because the HashAlgorithm is not registered on Windows 2003.
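To confirm whether the platform itself knows SHA-256 before looking at WIF configuration, the following PowerShell check can be run on the affected server. It is an added example, not part of the original post; it assumes PowerShell 2.0 or later, and the function name `Test-Sha256Platform` is hypothetical.

```powershell
# Added diagnostic, not from the original post. Written for PowerShell 2.0 or later.
function Test-Sha256Platform {
    $sha256Oid = '2.16.840.1.101.3.4.2.1'   # standard OID for SHA-256

    # Preconditions named in the ID6035 message: OS version and .NET 3.5 service pack.
    $netKey = 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5'
    $netSp  = $null
    if (Test-Path $netKey) {
        $netSp = (Get-ItemProperty -Path $netKey).SP
    }

    # Ask the platform to resolve the SHA-256 OID. An empty friendly name means
    # Windows has no registration for the algorithm.
    $oidName = $null; $oidError = $null
    try {
        $oidName = (New-Object System.Security.Cryptography.Oid $sha256Oid).FriendlyName
    } catch {
        $oidError = $_.Exception.Message
    }

    # Try the CryptoAPI-backed SHA-256 class that ships in System.Core (.NET 3.5).
    $hashHex = $null; $hashError = $null
    try {
        Add-Type -AssemblyName System.Core
        $sha   = New-Object System.Security.Cryptography.SHA256CryptoServiceProvider
        $bytes = [System.Text.Encoding]::ASCII.GetBytes('abc')   # constructed test input
        $hashHex = [System.BitConverter]::ToString($sha.ComputeHash($bytes)) -replace '-', ''
    } catch {
        $hashError = $_.Exception.Message
    }

    # One object with every finding, so results can be compared across servers.
    New-Object PSObject -Property @{
        OSVersion        = [Environment]::OSVersion.Version.ToString()
        Net35ServicePack = $netSp
        Sha256OidName    = $oidName
        Sha256OidError   = $oidError
        Sha256Hash       = $hashHex
        Sha256HashError  = $hashError
    }
}

Test-Sha256Platform | Format-List
```

An empty `Sha256OidName` or a populated error field points at the platform rather than at the application's WIF settings.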

The Fix

Microsoft have published a hotfix that solves this issue. I have found that the hotfix requires a server restart upon installation.