International cryptography researchers recently warned of a significantly increased risk in using SHA-1 certificates and recommend migration to SHA-256 certificates as soon as possible. Some major browsers have already started, while others plan to start, displaying security warnings or even block sites that use SHA-1 certificates in 2016.
In order to prevent site visitors from viewing security warnings in their browsers when accessing a website, SHA-1 certificates need to be replaced with SHA-256 certificates.
What do you need to do?
You can ensure that certificate holders replace their SHA-1 certificates with SHA-256 certificates as soon as possible. Below are resources to help you understand the issue and to reissue certificates, quickly and easily:
- CA/Browser Forum notice about SHA-1
- For Symantec certificates click on this link – INFO2848
- For GeoTrust certificates click on this link – INFO2851
- For Thawte certificates click on this link – INFO2849
