ATTENTION we've got new banking details as per July 15th 2019 · IBAN: DE28700111104101475005 · BIC: DEKTDE7G

Why SHA-1 based SSL certificates should NOT be used anymore. Revoke old SHA-1 based certificates and get free SHA-2 ones! Here is why ...

All SSL certificates delivered by us are SHA-2 based by default since November 2014. Multiple browser vendors have alredy been showing warnings for websites that were still using old SHA-1 based certificates, after SHA-1 had been replaced.

Today, 10 years after of SHA-1 was first introduced, Google is announcing the first practical technique for generating a collision. The required computation power still is incredibly high, nevertheless it is another proof that replacing SHA-1 with SHA-2 signature algorithm for SSL certificates was about time.


  • Nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total
  • 6,500 years of CPU computation to complete the attack first phase
  • 110 years of GPU computation to complete the second phase

 

Starting from version 56, released in January 2017, Chrome will consider any website protected with a SHA-1 certificate as insecure. Firefox has deprecated SHA-1 as of February 24th, 2017.

If you are still using old SHA-1 certificates, please re-issue your certificate for free in order to get a new SHA-2 based one. - If you have got any questions, please don't hesitate to contact us!

Full Google article: https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html



Was this answer helpful?

 Print this Article

Also Read

Apache - SSL/TLS Strong Encryption: How-To

https://httpd.apache.org/docs/trunk/da/ssl/ssl_howto.html

Decrypting SSL traffic with tshark (private key required)

Sample: #!/bin/bash tshark -f "tcp port 80" -Y 'http.request || http.response' #OR (for...

What is PRE-SIGN FAILED? What is a CAA record? - DNS Certification Authority Authorization (CAA) Resource Record

The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name...

PDF Dokumente mit Adobe Acrobat signieren (SMIME, S/MIME)

Um in Adobe Acrobat eine Signatur zu platzieren, klicken Sie auf Anzeige -> Werkzeuge ->...

How can i verify my SSL certification?

Please use the tools from our SSL Tools site which offer you all kinds of SSL checker tools for...