The Google Chrome browser now shows a warning for SSL certificates encoded in SHA-1 that are set to expire on or after January 1, 2017. In this article, we will discuss why this error occurs, and how to avoid and correct it.
While SSL certificates are currently secure, Google considers the SHA-1 hash algorithm insecure after 2016. This is due to reports from some security companies, that online attackers could feasibly compromise SSL certificates keyed with SHA-1 hash. Due to this, Google Chrome has started to flag these SSL certificates as insecure (see the screenshot at top of this article).
Since SSL certificates are issued yearly by Web Hosting Hub, this will not apply to most of our SSL certificates. There are 2 criteria you have to meet, in order for your site to show up as Insecure in Google Chrome.
https://www.sslshopper.com/ssl-checker.html#hostname=example.com
If your Signature Algorithm is lower than "sha256" you should Fix your SSL as described below. For example, in the screenshot below it is "sha384," which means it is fine:If your SSL certificate expires after 2016, and was created using SHA-1 hashing it will need to be rekeyed.
Congratulations, now you know how to fix the Insecure SSL error due to deprecated SHA-1 hashing.
n/a Points
|
2015-03-31 2:40 am
I made the purchase of my SSL certificate last year through my AMP . I contacted customer support beacuse i need to fix the SHA-1 has used in my certificate, They sent me a message askig me to pay $25 fee for installation and $35.40 for dedicated IP addres, why do I have to pay for fix the SHA-1 hash used to create my certificate?.
and when i bought the certificate the page said: (https://secure.webhostinghub.com/index/ssl/cid/1529802/id/204)
" SSL certificates purchased through us are $99.99/yr which includes the needed dedicated IP address. There is a one-time installation fee of $25 for all SSL certificates.”
Why i have to pay again?
Im asking for support I don’t want to buy another certificate, i just want to fix the SHA-1 hash used in my certificate.
SSL Checker:
https://www.sslshopper.com/ssl-checker.html#hostname=yadiihair.com
Common name: yadiihair.comSANs: yadiihair.com, www.yadiihair.comValid from June 29, 2014 to June 30, 2015Serial Number: 7132d3812227dd11314541f0104a63ccSignature Algorithm: sha1WithRSAEncryptionIssuer: COMODO SSL CA
Please help me.
Thank you |
Staff 16,266 Points
|
2015-03-31 3:31 am
Hello Carmen,
You are correct, the installation fee is a one-time charge and you should not have to pay it again. Also, your SSL through us includes the IP fee, so no charge there. It sounds as if the person you spoke with was a bit confused. However, unless your SSL expires after Jan 1, 2017, then you do not need to have your SSL rekeyed. Kindest Regards, Scott M |
Email: | support@WebHostingHub.com | Ticket: | Submit a Support Ticket |
---|---|---|---|
Call: | 757-416-6627 | Chat: | Click To Chat Now |
We value your feedback!
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
new! - Enter your name and email address above and we will post your feedback in the comments on this page!