SHA-1 SSL Certificates are known as less security now and there are SHA-1 collision attacks. That's why Google Chrome no longer treats SHA-1 SSL Certificates as secure, and will not support them in 2 steps.

Step 1: Blocking new SHA-1 SSL Certificates

Starting from 2016 (Chrome version 48), Chrome will display an error if the website is using an SSL certificate that:

  1. is signed with a SHA-1-based signature
  2. is issued on or after January 1, 2016
  3. chains to a public CA

Step 2: Blocking all SHA-1 SSL Certificates

Starting from January, 2017, Chrome will completely not support SHA-1 SSL Certificates. The websites which have a SHA-1-based signature as part of the certificate chain (not including the self-signature on the root certificate) will trigger a fatal network error.

Moreover, the other browsers such as Edge & Firefox will also block all SHA-1 SSL Certificates on 1st January, 2017.

Therefore, if your websites are using SHA-1 SSL Certificates, you are encouraged to replace it as soon as possible.

  • Published In: Security
  • Created Date: 2015-12-22
  • Hits: 1441
  • Comment: 0
Tags: SHA-1 , Google , Chrome , security