SHA-2 HTTPS certificatesPublished on October 30, 2014 by Filip Van Tittelboom
Last month Google, Firefox and Microsoft announced they will be retiring support of SHA-1, the cryptographic hash algorithm used in HTTPS SSL certificates. They calculated that it became too affordable to decrypt SHA-1 certificates and are upping the security of their applications.
Future browser versions (next year) will show an error or warning message if the user lands on a HTTPS page protected with a weak SHA-1 certificate.
In order to be prepared, we decided to start issuing only SHA-2 certificates from now on. All certificates under our management will be automatically upgraded to SHA-2 at renewal.
We also continuously monitor the certificates we manage, this includes checks to make sure the security is up to spec.