SSL Certificate Review
Over the past few years, the major web browser vendors have all announced plans to discontinue support for SSL/TLS certificates that use the “SHA-1” signature algorithm due to security concerns. The SHA-1 algorithm is comparatively weak and its use could allow an attacker to impersonate your sites and domains online. A similar flaw was discovered in the older “MD5” algorithm, which was subsequently used in a number of cyberattacks and malware campaigns.
Google has recently announced that they will be removing support for SHA-1 from their Chrome browser at the end of January, 2017. Users who visit https-protected websites which use SHA-1 after this date will be greeted with a security error and will be unable to use the site.
All website administrators are urged to review their sites to check for any hidden uses of SHA-1 certificates. In large organizations with many certificates in use, it is likely that some rarely-used services, third-party vendor sites, or development sites are still using SHA-1 signed certificates.
As part of the FireOak Strategies Information Security Maturity Assessment, we examine a client’s SSL/TLS certificate environment and provide practical and prioritized remediation suggestions to bring the overall environment into compliance with current best practices.
Please contact us if you’re interested in learning more about conducting an SSL Certificate Review and the Information Security Maturity Assessment (ISMA) process.
Are you a FireOak client? Contact us for a complimentary SSL Certificate Review.