In Rebex 2016 R2 we really added a custom managed implementation for SHA-2 on Compact Framework, but this is just the first step we need to take. For the next version of Rebex we are working on a certificate validator that will be able to validate the SHA-2 based certificates automatically in all our TLS/SSL enabled components. (For now our customers would need to supply a custom certificate verifier - e.g. fingerprint verifier to make TLS 1.1/ TLS 1.2 work on CF devices).