picture of tbs certificates
picture of tbs certificates
Our products range

20130901 - SHA256 now available at Symantec

Symantec announced, a few months ago, the possibility to choose the hash algorithm during the order of Symantec, Thawte ans Geotrust certificates. This functionality is now available at TBS INTERNET.

Why several hash algorithms?

IT security related technologies are constantly evolving. The goal being to stay a step ahead hackers to ensure the inviolability of our information systems.

SHA2 is a product of this evolution. It has been conceived in 2002 to take over from SHA1 as soon as it would present exploitable weeknesses.

Even if SHA1 is safe for now, the capacities of domestic computers will soon make it vulnerable. It is then time to go for SHA2, stronger and extremely safer.

for which products?

SHA256 option is available for all Symantec, Thawte and Geotrust server certificates.

What is the order process?

It is the same than for classical certificates, no specific handling is required for the CSR generation. Just choose your product, place your order and tick the case 'SHA256 version' on the order form.

I have a SHA1 certificate, can I have its SHA256 version?

Yes, if your certificate has been issued after April 2nd, 2013. To do so, request your certificate reissuance. As for any reissuance, go on your certificate's status page, click on 'Request reissue' and opt for the SHA256 version.

WARNING: reissue a Symantec, Thawte or Geotrust certificate does not lead to the previous certificate automatic revocation anymore. At each reissuance you'll have an additional certificate to manage. If the previous certificate is not useful anymore, you'll have to request its revocation.

What prices for SHA256 certificates?

The SHA256 versions of Symantec family certificates are provided at the same price than their SHA1 counterparts. The certificates are the same, have the same functions but simply use a stronger hash algorithm.

Is there any limitation linked to SHA256 certificates?

Yes, some server and browsers are not compatible with SHA256. See the list of useful links below.

Useful links