SHA-1 certificates are increasingly insecure, so moves by CloudFlare and Facebook to maintain SHA-1 support may seem counter-intuitive. However, both companies make a case that the secure access of millions of users is at stake.
SHA-2 (Secure Hash Algorithm 2) refers to a family of cryptographic hash functions that can convert arbitrarily long strings of data into digests of a fixed size (224, 256, 384, or 512 bits). 256-bit SHA-2, also known as SHA-256, is the most often-used version. The digest is commonly displayed as » Continue Reading.
SHA-1 is a cryptographic hash function – an important component of the process that the SSL protocol uses to protect your data. Although SSL certificates using SHA-1 are currently secure, the pace of technological change means that it could be vulnerable in the near future. For » Continue Reading.
The lists below display the path of trust from the root certificate, through the required intermediate certificates (if any) to the server certificate (which is the certificate you purchased from SSL.com) for each SSL.com product we offer.
Microsoft, Google and Mozilla have all announced various plans to stop supporting SHA-1 SSL certificates after January 1, 2017. As a result, SSL.com began issuing SSL certificates using only SHA-2 (aka SHA-256) as the default hashing algorithm starting September 24, 2014. There are no special flags » Continue Reading.
SHA1 SSL Certificates This is a question we get frequently, so we thought we’d put together a page that explains why some testing sites are starting to flag SHA1 as “weak.” Various SSL Labs sites are available that will give you a rundown of what you’re » Continue Reading.