We recently disabled SHA on one of our webservers (Win2k8 RS Standard, IIS 7) using IIS Crypto, and now Firefox can't access the website - error message displayed is "Secure Connection Failed: The connection to the server was reset while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem." Other browsers (Edge, IE, Chrome, Opera) have no such issue. The website uses a SHA2 cert and on other browsers is encrypted with the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256 cipher over TLS 1.2. Firefox version is 64.0.2 (x64), latest build.

I've heard mention that Firefox has dropped support for any version of SHA after SHA1 and would like to confirm this is the case, as this seems a bit odd. Anybody have any insight on this? Any application-side settings I can change to circumvent the error? Does the webserver absolutely need SHA enabled to view the page?