As part of their SHA-2 migration plan, Microsoft, Google, and Mozilla have announced that they will stop trusting SHA-1 certificates. Google will begin phasing out trust in SHA-1 certificates in November 2014.

Microsoft and Mozilla will begin phasing out trust for SHA-1 certificates in 2016. With these dates fast approaching, it’s time to move to SHA-2.

• November 2014 - SHA-1 SSL Certificates expiring any time in 2017 will show a warning in Chrome.
• December 2014 - SHA-1 SSL Certificates expiring after June 1, 2016 will show a warning in Chrome.
• January 2015 - SHA-1 SSL Certificates expiring any time in 2016 will show a warning in Chrome.
• January 1, 2016 - Microsoft will end trust for SHA-1 Code Signing Certificates without time stamps.
• January 1, 2017 - Microsoft and Mozilla will end trust for all SHA-1 SSL Certificates.

More information on SHA-2 migration can be found here:

• Infographic: Switching to SHA-2 SSL
• Switch to SHA-2
• Migrating to SHA-2
• Google Gradually sunsetting SHA-1
• Microsoft on SHA-1
• Entrust recommendation for SHA-1

Tags: sha1 google chrome internet explorer mozilla firefox