As the SHA1 signature algorithm into the phase of elimination, gradually discarded, SHA1 upgrade to SHA2 is the trend.
Microsoft has officially released the SHA1 deprecation strategy: http://blogs.technet.com/b/pki/archive/2013/11/12/sha1-deprecation-policy.aspx
Google hasn't been releasing SHA1 's sunset plans for too long: http://blog.chromium.org/2014/09/gradually-sunsetting-sha-1.html
Here are a few important days to look at:
September 2014, after 2017, SHA1 certificate is still not expired, Chrome will give alarm
December 2014, SHA1 certificate expired after June 1, 2016, Chrome gives alarm
In February 2015, the SHA1 certificate, which was still in force after 2016, was alerted by Chrome.
In January 2016, Microsoft will not trust the code signature of SHA1 without a timestamp.
In January 2017, both Microsoft and Mozilla will no longer trust SHA1 's SSL certificates.
650) this.width=650; "Width=" 730 "height=" 870 "alt=" SHA1SHA2 replace Schedule "src=" http://www.evtrust.com/knowledge/images/ Sha2_1.png "/>
For SHA2 upgrade strategy, we make the following solutions:
In December 2014, the SHA2 certificate is issued by default, in which case you can choose to reissue the SHA1 certificate if it is not a certificate that is still in effect 2017 years ago. No SHA1 certificates are issued after January 1, 2016
650) this.width=650; "Width=" 674 "height=" 436 "src=" Http://www.evtrust.com/knowledge/images/sha2_2.png "alt=" sha2_ 2.png "/>
SHA2 Replace SHA1 Schedule