diff --git a/include/QtCrypto/qca_publickey.h b/include/QtCrypto/qca_publickey.h
index 1e18670f..9626d6df 100644
--- a/include/QtCrypto/qca_publickey.h
+++ b/include/QtCrypto/qca_publickey.h
@@ -68,7 +68,11 @@ enum SignatureAlgorithm
 	EMSA3_MD5,        ///< MD5, with EMSA3 (ie PKCS#1 Version 1.5) encoding (this is the usual RSA algorithm)
 	EMSA3_MD2,        ///< MD2, with EMSA3 (ie PKCS#1 Version 1.5) encoding
 	EMSA3_RIPEMD160,  ///< RIPEMD160, with EMSA3 (ie PKCS#1 Version 1.5) encoding
-	EMSA3_Raw         ///< EMSA3 without computing a message digest or a DigestInfo encoding (identical to PKCS#11's CKM_RSA_PKCS mechanism)
+	EMSA3_Raw,        ///< EMSA3 without computing a message digest or a DigestInfo encoding (identical to PKCS#11's CKM_RSA_PKCS mechanism)
+	EMSA3_SHA224,     ///< SHA224, with EMSA3 (ie PKCS#1 Version 1.5) encoding
+	EMSA3_SHA256,     ///< SHA256, with EMSA3 (ie PKCS#1 Version 1.5) encoding
+	EMSA3_SHA384,     ///< SHA384, with EMSA3 (ie PKCS#1 Version 1.5) encoding
+	EMSA3_SHA512      ///< SHA512, with EMSA3 (ie PKCS#1 Version 1.5) encoding
 };
 
 /**
diff --git a/plugins/qca-ossl/qca-ossl.cpp b/plugins/qca-ossl/qca-ossl.cpp
index 55c1650e..c33c2387 100644
--- a/plugins/qca-ossl/qca-ossl.cpp
+++ b/plugins/qca-ossl/qca-ossl.cpp
@@ -1784,6 +1784,14 @@ public:
 			md = EVP_md2();
 		else if(alg == EMSA3_RIPEMD160)
 			md = EVP_ripemd160();
+		else if(alg == EMSA3_SHA224)
+			md = EVP_sha224();
+		else if(alg == EMSA3_SHA256)
+			md = EVP_sha256();
+		else if(alg == EMSA3_SHA384)
+			md = EVP_sha384();
+		else if(alg == EMSA3_SHA512)
+			md = EVP_sha512();
 		else if(alg == EMSA3_Raw)
 		{
 			// md = 0
@@ -1802,6 +1810,14 @@ public:
 			md = EVP_md2();
 		else if(alg == EMSA3_RIPEMD160)
 			md = EVP_ripemd160();
+		else if(alg == EMSA3_SHA224)
+			md = EVP_sha224();
+		else if(alg == EMSA3_SHA256)
+			md = EVP_sha256();
+		else if(alg == EMSA3_SHA384)
+			md = EVP_sha384();
+		else if(alg == EMSA3_SHA512)
+			md = EVP_sha512();
 		else if(alg == EMSA3_Raw)
 		{
 			// md = 0
@@ -3403,6 +3419,18 @@ public:
 		case NID_dsaWithSHA1:
 		    p.sigalgo = QCA::EMSA1_SHA1;
 		    break;
+		case NID_sha224WithRSAEncryption:
+		    p.sigalgo = QCA::EMSA3_SHA224;
+		    break;
+		case NID_sha256WithRSAEncryption:
+		    p.sigalgo = QCA::EMSA3_SHA256;
+		    break;
+		case NID_sha384WithRSAEncryption:
+		    p.sigalgo = QCA::EMSA3_SHA384;
+		    break;
+		case NID_sha512WithRSAEncryption:
+		    p.sigalgo = QCA::EMSA3_SHA512;
+		    break;
 		default:
 		    qDebug() << "Unknown signature value: " << OBJ_obj2nid(x->cert_info->signature->algorithm);
 		    p.sigalgo = QCA::SignatureUnknown;
diff --git a/unittest/certunittest/CMakeLists.txt b/unittest/certunittest/CMakeLists.txt
index c671109c..10a68f93 100644
--- a/unittest/certunittest/CMakeLists.txt
+++ b/unittest/certunittest/CMakeLists.txt
@@ -11,7 +11,8 @@ target_link_libraries( certunittest qca ${QT_QTTEST_LIBRARY})
 FOREACH( testFileName RootCAcert.pem 76.pem altname.pem csr1.pem 
 	 GoodCACRL.pem ov-root-ca-cert.crt User.pem QcaTestClientCert.pem xmppcert.pem 
 	 Server.pem QcaTestServerCert.pem xmppcert.pem newreq.pem
-	 QualitySSLIntermediateCA.crt QcaTestRootCert.pem Test_CRL.crl )
+	 QualitySSLIntermediateCA.crt QcaTestRootCert.pem Test_CRL.crl
+	 RAIZ2007_CERTIFICATE_AND_CRL_SIGNING_SHA256.crt )
    CONFIGURE_FILE(${CMAKE_CURRENT_SOURCE_DIR}/certs/${testFileName} ${CMAKE_CURRENT_BINARY_DIR}/certs/${testFileName} COPYONLY)
 ENDFOREACH( testFileName )
 
diff --git a/unittest/certunittest/certs/RAIZ2007_CERTIFICATE_AND_CRL_SIGNING_SHA256.crt b/unittest/certunittest/certs/RAIZ2007_CERTIFICATE_AND_CRL_SIGNING_SHA256.crt
new file mode 100644
index 00000000..71f9f88d
Binary files /dev/null and b/unittest/certunittest/certs/RAIZ2007_CERTIFICATE_AND_CRL_SIGNING_SHA256.crt differ
diff --git a/unittest/certunittest/certunittest.cpp b/unittest/certunittest/certunittest.cpp
index df72c814..c2c55958 100644
--- a/unittest/certunittest/certunittest.cpp
+++ b/unittest/certunittest/certunittest.cpp
@@ -45,6 +45,7 @@ private slots:
     void checkExpiredServerCerts();
     void checkServerCerts();
     void altNames76();
+    void sha256cert();
     void crl();
     void crl2();
     void csr();
@@ -709,6 +710,45 @@ void CertUnitTest::altNames76()
     }
 }
 
+void CertUnitTest::sha256cert()
+{
+    QStringList providersToTest;
+    providersToTest.append("qca-ossl");
+    // providersToTest.append("qca-botan");
+
+    foreach(const QString provider, providersToTest) {
+        if( !QCA::isSupported( "cert", provider ) )
+            QWARN( QString( "Certificate handling not supported for "+provider).toLocal8Bit() );
+        else {
+            QFile f("certs/RAIZ2007_CERTIFICATE_AND_CRL_SIGNING_SHA256.crt");
+            QVERIFY(f.open(QFile::ReadOnly));
+            QByteArray der = f.readAll();
+            QCA::ConvertResult resultcert;
+            QCA::Certificate cert = QCA::Certificate::fromDER(der,
+                                                              &resultcert,
+                                                              provider);
+
+            QCOMPARE( resultcert, QCA::ConvertGood );
+            QCOMPARE( cert.isNull(), false );
+            QCOMPARE( cert.isCA(), true );
+            QCOMPARE( cert.isSelfSigned(), true );
+
+            QCA::PublicKey pubkey = cert.subjectPublicKey();
+            QCOMPARE( pubkey.isNull(), false );
+            QCOMPARE( pubkey.isRSA(), true );
+            QCOMPARE( pubkey.isDSA(), false );
+            QCOMPARE( pubkey.isDH(), false );
+            QCOMPARE( pubkey.isPublic(), true );
+            QCOMPARE( pubkey.isPrivate(), false );
+            QCOMPARE( pubkey.bitSize(), 4096 );
+
+            QCOMPARE( cert.pathLimit(), 0 );
+
+            QCOMPARE( cert.signatureAlgorithm(), QCA::EMSA3_SHA256 );
+        }
+    }
+}
+
 void CertUnitTest::checkExpiredServerCerts()
 {
     QStringList providersToTest;