Tickbox

Goodbye SHA-1, Hello SHA-2

At the forefront of all websites which use and store customer information will require some form of security. That’s a fact.

From January 1, 2016 the majority of browsers will start removing support for SSL certificates that use an outdated form on encryption: SHA1 (commonly known as “Secure Hash Algorithm”). Furthermore, it seems payment providers are also getting in with the act. SagePay have recently released a statement indicating that their services will only accept SHA2. The younger, better brother, of security – well until the next release comes along!

Why is it necessary?

Due to security concerns (and we know of a few recently!) over computing power, 1024-bit (SHA1) certificates have been coming under scrutiny invoking a move towards a newer and more secure data transmission which uses 2048-bit encryption.

Google Chrome (and similarly FireFox) is deprecating support for SHA-1 before the year is out. So the time to check and upgrade is paramount. All SHA-1 support will be removed by the end of 2016. Your site will continue to be served, but with that unruly error: “Your website is not trusted.”.

insecure

Hackers/attackers never sleep therefore system administrators should not either.

What do I need to do?

If you have a website hosted with us, be it shared or on a dedicated machine, rest assured we already have this protection in place. Your SSL renewal will take place as normal and there wont be an additional charge. If your renewal has just passed…don’t sweat it. You’ve already been taken care of.

If you are not a client of ours, not a problem – contact us on 0117 325 0091 or support@tickboxmarketing.co.uk to discuss your set up. Although if you do have a current server or hosting provider, your best option would be to contact them to see if you need to upgrade.

References