Archive For: September, 2014

Google Chrome and SHA-1 SSL Certificates

SHA-1 chrome penalty

chrome degraded ssl

Please be aware of the upcoming changes that affect how websites using SHA-1 SSL’s Certs are
displayed in the Chrome browser.

SHA-1 is no longer considered to be sufficiently secure and will be completely phased out in
the next few years. To encourage prompt adoption of more secure algorithms, Starting with
Google Chrome 39, Google start to degrade websites using SHA-1 certificates. The changes start
November 2014.

Initially, the warnings is limited to a “Secure, but minor errors” icon, in the form of a lock
with a yellow triangle. Later versions will display a red crossed-out lock.

SSL Users can prevent a downgraded user experience by following these steps:

– Check which algorithm your SSL Certificate uses.
Is one checker that works

– If the website uses a SHA-1 SSL Cert expiring after 12/31/2015,
the certificate will need to be reissued to SHA-256.

To prevent a degraded user experience its important to take prompt action. Please do not
hesitate to contact us at:

Read More