News and Events

Google Chrome 41 Browser and Deprecation of SHA1 in SSL/TLS Certificates
4 Feb 2015

In late 2013, Microsoft announced that SHA1 certificates will not be accepted in Windows after January 2017. At that time, QuoVadis changed its default issuance of SSL/TLS to SHA256.

Concerned that large numbers of SHA1 certificates are still in use, the Chromium browser has announced plans to gradually degrade the security indicators for SHA1 SSL/TLS certificates in order to encourage server operators to upgrade to SHA256 now, rather than wait until the 2017 deadline.

Google Chrome 41 (expected to be released in early March 2015) will treat certificate chains using SHA1 which are valid into 2016 and 2017 as insecure.

 

QuoVadis recommends that all users of SHA1 SSL/TLS certificates which expire after 2015 to renew using certificates signed with SHA256 (the default setting in Trust/Link Enterprise).  This will ensure your site visitors do not encounter certificate-related SHA1 warnings.

Please visit our support website for more information on the changeover to SHA256.