How to deal with SHA-1 encryption algorithm upgrade to SHA-256

Source: Internet
Author: User
Tags sha1 sha1 encryption ssl certificate

After the authority confirmed that the SHA1 encryption algorithm is more and more high, SHA fingerprint fraud cost is getting lower, then Microsoft, Google and other IT giants have released the SHA1 encryption algorithm declaration, the third-party certification body from January 1, 2016 onwards, will fully stop the issuance of SHA1 algorithm digital certificate. All this suggests that the SHA1 algorithm, which has been born since 1995, will be replaced by SHA-256.

For SSL certificate and Code signing certificate users, from the point of issuance, generally issued before December 2014 digital certificate is likely to make the issued signature fingerprint is the certificate of SHA1 encryption algorithm, January 2015, the general issued signature fingerprint is SHA256 encryption algorithm certificate, You can determine this by looking at the certificate information that your company uses. For example, SSL certificate, you just need to open the security lock in the browser, view the contents of the certificate, find the certificate content such as SHA1 signature algorithm:

650) this.width=650; "Width=" 362 "height=" "src=" Http://www.evtrust.com/images/sha1-IE-SSL.jpg "alt=" Sha1-ie-ssl.jpg "/> 650) this.width=650;" Width= "362" height= "src=" http://www.evtrust.com/images/" Sha1-firefox-ssl.jpg "alt=" Sha1-firefox-ssl.jpg "/>

For this SHA-1 upgrade to the SHA-256 encryption algorithm, what should our digital certificate users do to deal with the strategy? For SSL certificate users, the server ops should immediately discard the old version of the SHA-1 certificate, although Windows Xp and IE 6 still have a small number of users, but this is a very small part of the ancient cloud: "Two evils take its light", we can not because of this very few users, And it affects most of the user experience. When you actually open the HTTPS Web page of the SHA1 encryption algorithm with Google Chrome, the normal security lock icon changes to an unhealthy blank paper icon and prompts "This site uses a security system with a lower security configuration (SHA-1 signature), so your connection may not be private", such as:

650) this.width=650; "width=" 290 "height=" [src=] http://www.evtrust.com/images/sha1-chrome.jpg "alt=" Sha1-chrome.jpg "/>

The user who applied for the SSL certificate in "-evtrust" has issued a new SHA-256 encryption algorithm certificate free of charge in advance. For software developers of code signing certificates, the certification authority may be required to issue certificates for both SHA1 and SHA-256 two encryption algorithms, digitally signing certificates for different platforms with different digital signature algorithms, such as Windows xp,windows The 2000 or earlier system uses the SHA algorithm for the digital signature certificate, Windows 7 or later software versions with the SHA2 encryption algorithm for the digital signature certificate.

If you are not currently a "-evtrust" customer, our online advisors can also provide you with any relevant matters related to SHA1 upgrades, and if you really need our technical engineers to assist you, you will only be charged a small amount of labor service fees.


How to deal with SHA-1 encryption algorithm upgrade to SHA-256

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.