Upgrade a Certificate from SHA-1 to SHA-2

SHA-1 is a cryptographic hash function – an important component of the process that the SSL protocol uses to protect your data. Although SSL certificates using SHA-1 are currently secure, the pace of technological change means that it could be vulnerable in the near future. For this reason, major online services (like PayPal and Facebook) and browsers (like Chrome and Firefox) are moving now to the stronger SHA-2. As part of this move to stronger security, certificates issued by SSL.com since September 24th, 2014 use SHA-2 by default. Older certificates should be upgraded to SHA-2 in order to make sure that your information stays secure going forward.
You can change from SHA-1 to SHA-2 by “reprocessing” your current certificate. This is free and easy to do at any time via your SSL.com account!


How Can I Tell If My Certificate Uses SHA-1?

Check Your Site

Navigate to your site in your browser and click the lock icon in the address bar for details on your certificate:

sha1_reprocess_01

NOTE: More information on SHA-2 can be found here.

Check Your Account

1) Log into your SSL.com account and click Orders to display your current certificates:

sha1_reprocess_02

 

2) Click Download to show details on the target certificate:

sha1_reprocess_03

 

3) The algorithm your certificate uses will be displayed under “Certificate Contents:”

sha1_reprocess_05

 


Reprocessing Your Certificate to Use SHA-2

If your certificate uses SHA-1 you will also be shown a link to reprocess it to use SHA-2:

sha1_reprocess_06

 

Click the link to begin the (re)process – more details on reprocessing your certificate can be found here.

NOTE: If no other details need to be changed you can simply reuse the existing CSR.

As always, contact us at SSL.com if you have any questions.