Why SHA-1 based SSL certificates should NOT be used anymore. Revoke old SHA-1 based certificates and get free SHA-2 ones! Here is why ...

All SSL certificates delivered by us are SHA-2 based by default since November 2014. Multiple browser vendors have alredy been showing warnings for websites that were still using old SHA-1 based certificates, after SHA-1 had been replaced.

Today, 10 years after of SHA-1 was first introduced, Google is announcing the first practical technique for generating a collision. The required computation power still is incredibly high, nevertheless it is another proof that replacing SHA-1 with SHA-2 signature algorithm for SSL certificates was about time.


  • Nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total
  • 6,500 years of CPU computation to complete the attack first phase
  • 110 years of GPU computation to complete the second phase

 

Starting from version 56, released in January 2017, Chrome will consider any website protected with a SHA-1 certificate as insecure. Firefox has deprecated SHA-1 as of February 24th, 2017.

If you are still using old SHA-1 certificates, please re-issue your certificate for free in order to get a new SHA-2 based one. - If you have got any questions, please don't hesitate to contact us!

Full Google article: https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html




Was this answer helpful?

 Print this Article

Also Read

Decrypting SSL traffic with tshark (private key required)

Sample: #!/bin/bash tshark -f "tcp port 80" -Y 'http.request || http.response' #OR (for...

Check SSL security, installation and configuration

Feel free to use the collection of SSL tools we are providing to check your SSL configuration and...

How can i verify my SSL certification?

Please use the tools from our SSL Tools site which offer you all kinds of SSL checker tools for...

BSI legt Grundstein für Prüfungen gemäß IT-Sicherheitsgesetz

Betreiber kritischer Infrastruktur müssen sich zukünftig regelmäßig prüfen lassen und dabei...

PCI Compliance (Payment Card Industry Compliance

PCI stands for Payment Card Industry, data security standard and is defined by the PCI Security...