Friday, November 14, 2014

Major browsers to stop accepting SHA-1-based SSL certificates by 2017

Microsoft, Google and Mozilla  have announced their deprecation policy on SHA-1 according to which they will stop accepting SHA-1 certificates in SSL by 2017.


Identifying certificates that have a SHA-1 algorithm:
Symantec: https://ssltools.websecurity.symantec.com/checker/views/certCheck.jsp
Digicert: https://www.digicert.com/sha1-sunset/
Thawte: https://ssltools.thawte.com/checker/views/certCheck.jsp

Test for SHA2-compatibility on unique applications:
https://ssltest39.ssl.symclab.com/
https://ssltest8.bbtest.net/ 

References on Deprecation of SHA-1:
https://technet.microsoft.com/en-us/library/security/2880823.aspx
http://googleonlinesecurity.blogspot.sg/2014/09/gradually-sunsetting-sha-1.html
https://bugzilla.mozilla.org/show_bug.cgi?id=942515


No comments: