SHA-1 SSL certificates expire Dec 2015
You may have received a recent notice from RapidSSL. As a gentle reminder and to prevent any possible disruptions in service with your SSL or Code Signing certificate, we want to let you know about some changes that could impact you.
Microsoft recently issued a Security Advisory* recommending that Certificate Authorities (CA) stop using SHA-1 SSL certificates by January 1, 2017. Microsoft is asking customers to migrate any SHA-1 SSL and Code Signing certificates to the SHA-256 (SHA-2) hashing algorithm at the earliest opportunity.
Due to this announcement, we are asking our customers to develop a migration plan for any SHA-1 SSL certificates that expire after December 31, 2016 and SHA-1 Code Signing certificates that expire after December 31, 2015.
We suggest you assess your network now or in the near future and make any adjustments that may be necessary so that you are ready for the migration as it may put increased demands on your infrastructure.
What Action You Need To Take:
For SSL Certificates
When you install a new certificate or renew a current certificate, you must also install the correct intermediate CA certificate.
For Code Signing Certificates
Any code signed by a SHA-1 Code Signing certificate will continue to be supported by Windows provided that it was signed and time stamped on or before December 31, 2015.
Please be advised that you will need to start signing code with a SHA-2 Code Signing certificate after December 31, 2015.
We appreciate your business. Please contact us if you have questions or concerns.
Best regards,
RapidSSL Team