Degrading SHA-1 Certificates


International cryptography researchers recently warned of a significantly increased risk in using SHA-1 certificates and recommend migration to SHA-256 certificates as soon as possible. Some major browsers have already started, while others plan to start, displaying security warnings or even block sites that use SHA-1 certificates in 2016.

In order to prevent site visitors from viewing security warnings in their browsers when accessing a website, SHA-1 certificates need to be replaced with SHA-256 certificates.

What do you need to do?

You can ensure that certificate holders replace their SHA-1 certificates with SHA-256 certificates as soon as possible. Below are resources to help you understand the issue and to reissue certificates, quickly and easily: