Go from SHA-1 to SHA-2 in 8 steps

The clock is ticking for organizations to complete their SHA-1 migration. Here's what admins must do to ensure they aren't locked out.

As deadlines go, Jan. 1, 2017, isn’t far away, yet many organizations still haven’t switched their digital certificates and signing infrastructure to use SHA-2, the set of cryptographic hash functions succeeding the weaker SHA-1 algorithm. SHA-1 deprecation must happen; otherwise, organizations will find their sites blocked by browsers and their devices unable to access HTTPS sites or run applications.

All digital certificates -- whether they vouch that the website accepting payment card information is secure, that software is authentic, or that a message was sent by a person and not an impersonator -- are signed using a hashing algorithm. The most common is currently SHA-1, despite significant cryptographic weaknesses that render the certificates vulnerable to collision attacks.

The current recommendation is to use the SHA-2 algorithm for all new certificates; existing SHA-1 certificates, meanwhile, will be replaced by newer versions signed with SHA-2. This isn’t as simple as it sounds, as the migration isn’t a two-step process where you flip off SHA-1 and flip on SHA-2. Instead, it requires intensive testing and analysis to ensure all devices, sites, and software are using SHA-2 correctly.
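The first part of that analysis is finding every certificate still signed with SHA-1. As an added example (not from the article), here is a small inventory helper in plain Python with no third-party library: it reads the outer signatureAlgorithm of a DER-encoded certificate and maps its OID to a hash family; the OID table, the minimal DER parser and the constructed sample certificate are all this example's own.

```python
# Standard signature-algorithm OIDs (RFC 3279/4055/5758) and the hash family each uses.
SIG_OIDS = {
    "1.2.840.113549.1.1.5": ("sha1WithRSAEncryption", "SHA-1"),
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", "SHA-2"),
    "1.2.840.113549.1.1.12": ("sha384WithRSAEncryption", "SHA-2"),
    "1.2.840.10045.4.1": ("ecdsa-with-SHA1", "SHA-1"),
    "1.2.840.10045.4.3.2": ("ecdsa-with-SHA256", "SHA-2"),
}

def _read_tlv(buf, pos):
    """Parse one DER tag-length-value at pos; return (tag, value, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: the low 7 bits say how many bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def _decode_oid(raw):
    """OID content bytes -> dotted string (first byte packs two arcs, rest are base-128)."""
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def signature_hash(der):
    """(oid, algorithm name, hash family) of a DER certificate's outer signatureAlgorithm."""
    tag, cert, _ = _read_tlv(der, 0)  # Certificate ::= SEQUENCE { tbs, sigAlg, sigValue }
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE (base64-decode PEM first)")
    _, _tbs, pos = _read_tlv(cert, 0)  # skip tbsCertificate
    _, alg, _ = _read_tlv(cert, pos)   # AlgorithmIdentifier ::= SEQUENCE { OID, parameters }
    _, oid_raw, _ = _read_tlv(alg, 0)
    oid = _decode_oid(oid_raw)
    name, family = SIG_OIDS.get(oid, ("unknown", "unknown"))
    return oid, name, family

def constructed_cert(oid_content):
    """Constructed sample (not a real, verifiable certificate): minimal skeleton for testing."""
    der = lambda tag, body: bytes([tag, len(body)]) + body  # short-form lengths suffice here
    tbs = der(0x30, der(0x02, b"\x02"))                      # placeholder tbsCertificate
    alg = der(0x30, der(0x06, oid_content) + b"\x05\x00")    # OID followed by NULL parameters
    return der(0x30, tbs + alg + der(0x03, b"\x00\xaa\xbb"))  # plus a dummy BIT STRING signature

SHA1_RSA = bytes.fromhex("2a864886f70d010105")    # content bytes of 1.2.840.113549.1.1.5
SHA256_RSA = bytes.fromhex("2a864886f70d01010b")  # content bytes of 1.2.840.113549.1.1.11
```

Run `signature_hash` over every certificate you can export from web servers, code-signing setups and devices; anything whose family is not "SHA-2" belongs on the replacement list, and an "unknown" result means the OID table needs extending before you can trust the inventory.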

Time is running out. While Google, Mozilla, and Microsoft are sticking with Jan. 1, 2017, as the official cutoff date, the Chrome and Firefox browsers already throw errors for websites using SHA-1 certificates. Microsoft Edge and Internet Explorer will follow suit this summer. Google and Mozilla will likely not follow through on previous hints to move the deadline up to July 1, but nothing stops them from ending support before the end of the year.

This is currently a race to complete the migration, which requires careful planning and execution to succeed. Here’s a checklist to help you keep on track.

1. Assemble the team

