What is SHA1 and why is it being depreciated?
Security always needs to be a proactive campaign. Not updating or keeping up with the progress of technology will open doors in security and will leave businesses open to be hacked.
SHA1 was the Algorithm that was used to create and sign encryption keypairs that are used to scramble data on websites, and applications. SHA1 was a replacement for MD5, and now SHA2 is the replacement for SHA1.
The CA/Browser Forum, is the governing entity of leading web browsers and certificate authorities (CAs) working together to stay proactive with security and publish their Baseline Requirements for SSL regarding the security standards of the web industry. These Requirements recommend that all CAs transition away from SHA-1 as soon as possible, and to discontinuing issuing SHA1 public facing certificates. The reason being that due to the progress of technology this old algorithm is on the verge of being exploited.
Browser’s like Internet Explorer, Firefox and Chrome are inforcing these standards but placing errors within their browsers associated with these standards. According to Google’s “Gradually Sunsetting SHA-1”, Chrome version 39 and later will display visual security indicators on sites with SHA-1 SSL certificates with validity beyond January 1, 2016.
Most browsers will not trust certificates that use SHA1 After 12/31/2016.
If you do not want to get an error on your website you will have to replace that old SHA1 certificate with a newer SHA2.
How to Replace your old SHA1 certificate with SHA2?
To do List:
These standards are always changing. Especially with how fast new technologies are coming out. SSL Certificates are a method of enforcing industry standards to make a more secure internet for everyone.
© 2019 Acmetek. All Right Reserved.