Thursday, November 20, 2014

Get Ready to Upgrade your SHA-1 Certificates!!!

Believe most of you are aware that SHA-1 SSL certificates are going to be discontinued by Microsoft after 2016. As we all know that SHA-1 is the commonly used certificate and most of the websites out there in the Internet are using this Cert and also this is the common Certificate that is used inside most of the Organizations.


I am writing this post today to refer and remind you up on this critical update to begin your Cert upgrades to supported SHA-2 SSL certificates proactively and point you to the vital resources well written and available in the community by Technical Experts and vendors for better understanding on the topic.

MVP Jeff Guillet has recently written an Excellent blog post in WindowsITPro explaining in-depth information on Microsoft's decision to discontinue SHA-1 SSL certs and potential impacts that will arise if we continue to use this and how long you have time to get the certs upgraded, the behavior that you will experience over time and references to other Critical resources and tools that can help you to get things moved on.


Review here: Is Your Organization Using SHA-1 SSL Certificates?

As you read in the above article Google is taking the lead to notify users when they use SHA-1 Certs beginning with Chrome 39 starting this November 2014 and below Symantec article is well written to explain this in detail showing us the future experience with every upcoming version of Chrome till Q1 2015.


Review here: Google’s SHA-1 Deprecation Plan for Chrome

Below Online Tool from DigiCert is quite good to Identify the affected Certs in your domain at ease and begin your update


Access here: DigiCert® SHA-1 Sunset Tool

Above resources are well enough to get the required information on the topic and you can still look out for more in the external community for further reading. Hope soon we all get the certs updated to avoid any last minute hassles affecting end user experience.

No comments:

Post a Comment