Announcements & Articles
Encryption Standards Require Replacing SHA1 With SHA2 Certificates

Encryption Standards Require Replacing SHA1 With SHA2 Certificates

What is SHA1 and why is it being depreciated?

Security always needs to be a proactive campaign. Not updating or keeping up with the progress of technology will open doors in security and will leave businesses open to be hacked.

SHA1 was the Algorithm that was used to create and sign encryption keypairs that are used to scramble data on websites, and applications. SHA1 was a replacement for MD5, and now SHA2 is the replacement for SHA1. 

 The CA/Browser Forum, is the governing entity of leading web browsers and certificate authorities (CAs) working together to stay proactive with security and publish their Baseline Requirements for SSL regarding the security standards of the web industry. These Requirements recommend that all CAs transition away from SHA-1 as soon as possible, and to discontinuing issuing SHA1 public facing certificates. The reason being that due to the progress of technology this old algorithm is on the verge of being exploited. 

Browser’s like Internet Explorer,  Firefox and Chrome are inforcing these standards but placing errors within their browsers associated with these standards. According to Google’s “Gradually Sunsetting SHA-1”, Chrome version 39 and later will display visual security indicators on sites with SHA-1 SSL certificates with validity beyond January 1, 2016.
In short:
Most browsers will not trust certificates that use SHA1 After 12/31/2016.

If you do not want to get an error on your website you will have to replace that old SHA1 certificate with a newer SHA2. 

 

How to Replace your old SHA1 certificate with SHA2?

To do list:

  1. Identify certificates that have a SHA-1 algorithm. Since the standard is already in effect you would definitely know if you still have a SHA1 certificate from the browser errors you would be getting in chrome.
  2. Contact your Certificate Authority for procedures in replacing any SHA-1 certificates with the SHA-2 certificates.
    Note: If your SSL certificate was issued through Acmetek Click HERE.
  3. Install your new SHA2 SSL Certificate to your server.
  4. Test your SSL installation by using an SSL Checker.

These standards are always changing. Especially with how fast new technologies are coming out. SSL Certificates are a method of enforcing industry standards to make a more secure internet for everyone.


About SSLSupportDesk:

SSLSupportDesk is part of Acmetek who is a trusted advisor of security solutions and services. They provide comprehensive security solutions that include Encryption & Authentication (SSL), Endpoint Protection, Multi-factor Authentication, PKI/Digital Signing Certificates, DDOS, WAF and Malware Removal. If you are looking for security look no further. Acmetek has it all covered!

Contact an SSL Specialist to get a consultation on the Website Security Solutions that can fit your needs.

Become a Partner and create additional revenue stream while the heavy lifting for you.