SHA-2 HTTPS certificates

Published on October 30, 2014 by Filip Van Tittelboom

Last month Google, Firefox and Microsoft announced they will be retiring support of SHA-1, the cryptographic hash algorithm used in HTTPS SSL certificates. They calculated that it became too affordable to decrypt SHA-1 certificates and are upping the security of their applications.

Future browser versions (next year) will show an error or warning message if the user lands on a HTTPS page protected with a weak SHA-1 certificate.

In order to be prepared, we decided to start issuing only SHA-2 certificates from now on. All certificates under our management will be automatically upgraded to SHA-2 at renewal.

We also continuously monitor the certificates we manage, this includes checks to make sure the security is up to spec.

Comments on this article

Top of page


Cloud services & management for: