picture of tbs certificates
picture of tbs certificates
Our products range

20151028 - SHA1 disappearance is coming fast

As we have been saying during the past year, SHA1 will have totally disappeared as of January 1st, 2017. It is already no longer possible to order or renew a SHA1 certificate that would expire after this date and from January 1st, 2016 we will definitely cease issuing SHA1-signed certificates (whether for a new order, a renewal or via reissuance).

WARNING: We won't be able to issue SHA1 certificate AT ALL. SHA256 is going to be unavoidable.

I need a SHA1 certificate for as long as possible, what do I need to do?

In that case, and no matter your certificate expiration date (if you already have one), you should request a new certificate before December 20th, 2015 to get a SHA1 certificate that we be valid most of the year 2016.

Note that such a certificate cannot be reissued but to be delivered in SHA256.

Why not adopt SHA256 now?

We've been advising our customers for the past few months to adopt SHA256 as soon as possible. But certain software still have compatibility issues with SHA256.

The better way is to run some tests. To do so, you can request a test certificate, free and valid for 30 days, that will help you check your tools compatibility with SHA256.

Customers having a SHA1 certificate currently valid will soon receive a notification email, advising them to adopt SHA256 or to order a new SHA1 certificate, should their server not be SHA256 compatible.

I have a SHA1 certificate, I want a SHA256 one. What do I need to do?

Easy! Just go to certificate status page and click on 'request reissuance". On the form, select SHA256 in the list of available hash algorithms.

WARNING: All certificates cannot be reissued in SHA256. If so, the reissuance page won't propose SHA256. If you possess such a certificate, please consult our information page.

Useful links