SSL pulse currently reports thatÌýonlyÌý.
Microsoft announced last year that it would end trust for SHA-1 SSL Certificates after January 1, 2017 to address possible threats in the future.
Earlier this month, Google announced they would be adding warning indicators for sites using SHA-1 certificates expiring after December 31, 2017 in an upcoming version of Chrome to be released sometime in November 2014. Subsequent updates of Chrome would also warn visitors on sites using SHA-1 certificates expiring in 2016.
As your security partner, ¶ºÒõ¹Ý has already made SHA-256 the default for all new SSL Certificates issued, and strongly recommends that all customers re-key their SHA-1 certificates to avoid possible Chrome browser warnings due to the accelerated Google timeline.
¶ºÒõ¹Ý strongly recommends that SHA-1 certificates be updated to SHA-256 as soon as possible to avoid any possible browser warning for end users.Ìý¶ºÒõ¹Ý has two easy-to-use and free tools to make SHA-1 migration as easy as possible.
TheÌýSHA-1 trackerÌýquickly gives administrators a list of all SHA-1 certificates they have on the Internet and lets them replace any SHA-1 certificates with a free ¶ºÒõ¹Ý SHA-2 certificate to make the transition to SHA-2 easier.
If you have SHA-1 certificates on your internal networks, you can use Certificate Inspector. Certificate Inspector is a cloud-basedÌýÌýplatformÌýthat quickly finds all certificates on an internal and external network, including SHA-1ÌýcertificatesÌýand makes it easy to migrate them to SHA-2.
To ensure compliance with the Google SHA-1 policy change, we've put together these 3 quick options for customers and non-customers to ensureÌýthat their sites remain secure.
Most certificate providers allow for free re-keys of SSL Certificates. If you have a SHA-1 certificate, your provider should allow for you to generate a new SHA-256 certificate for free.
All ¶ºÒõ¹Ý certificates come with unlimited free re-keys. Although ¶ºÒõ¹Ý issues SHA-2 certificates by default, those customers using SHA-1 certificates for backwards compatibility can update their certificates to SHA-2 by using the re-key option in their ¶ºÒõ¹Ý account.
Waiting for a new certificate to be issued can be a painful process. But getting a new certificate shouldn't take days or weeks—¶ºÒõ¹Ý issues our fully verified and trusted certificates in a matter of minutes.
To help you make the move as painless as possible, ¶ºÒõ¹Ý is replacing any SHA-1 certificate issued by another Certificate Authority with an equivalent ¶ºÒõ¹Ý SHA-256 certificate for free.ÌýTheÌýSHA-1 SunsetÌýtool identifies all SHA-1 certificates issued to your domain and makes it easy to upgrade to SHA-2 for free.
Most platforms have already been updated to support SHA-2 though patches or hotfixes. For platforms that don’t yet support SHA-2, administrators can re-issue their SHA-1 certificate and set the expiration date to December 31, 2015. This allows you to keep your certificates in compliance with the new SHA-1 Google policy and avoid any browser warning for your site online.
For a full list of SHA-2 platforms, see ourÌýSHA-2 compatibilityÌýpage.
http://digicert.com/sha-2-compatibility.htmIf you need to continue using a SHA-1 certificate because of platform compatibility issues, ourÌý24-hour customer support teamÌýcan help extend your SHA-1 SSL Certificate to the maximum deadline for free.