Important Service Announcement: SHA-1 certificates will show warning in Google Chrome

Alerts ID:    ALERT924    Updated:    05/20/2016

Severity

Information

Description

We would like to inform you of Google’s intent to phase out support for certificates using a SHA-1 hashing algorithm via degraded visual indicators and warnings in the Chrome™ browser. These changes are expected to take effect in the production version of Chrome version 39 in November 2014.  You can find more information regarding the proposed plan on Google’s blog.

Browser Version (dates subject to change per Google)

  • Chrome 39 ~ November 2014
  • Chrome 40~ January 2015
  • Chrome 41 ~ February 2015

As a proactive measure, in order to help ensure that Chrome 39 users visiting your websites do not encounter any UI degraded indicators, Symantec recommends the following:

  1. Identify certificates that have a SHA-1 algorithm using the Symantec Installation Checker.
     
  2. Replace any SHA-1 certificates that expire beyond December 31 2015 with SHA-2 certificates at no additional cost.
     

For guidelines for replacing SHA-1 with SHA-2 certificates on Symantec Trust Center, refer to SO26402