How to check website SSL certificates if using SHA-1 and Fix it.
SHA-1 (Secure Hash Algorithm) is a cryptographic hash function creates 160-bit hash worth and it’s thought of weak. it’s fairly fascinating to know as of May 2014 – there are 93 % of a website are susceptible to SHA1 on the Web.
Google has begun regularly sunsetting SHA-1 and Chrome version 39 and later will point out visible safety warning on websites with SHA-1 SSL certificates with validity past 1st Jan 2016.
Web Administrator is actually busy with so many vulnerabilities this 12 months like Freak Attack, Heartbleed, Logjam. Nicely, that’s how Internet Security is evolving and one of many difficult duties for Internet Security Administrator can be to maintain up-to-date one’s information and act correctly on security vulnerabilities to secure Web Applications.
On this article, I’ll speak about how to examine for SHA-1 vulnerability and how one can repair this
Check SSL SHA-1 bug
One of many quickest methods to check in case your website SSL is signed with SHA-1 can be to hit the next URL and enter the URL and click on Go.
Fix SSL SHA-1 bug
Fixing SHA-1 means you want to get SSL certificates signed with SHA-2. Some SSL cert supplier can present you a cert with SHA-2 signed, nevertheless, generally you prefer to get the new SSL certificates signed and implement it.
To get SHA-2 certificates using OpenSSL
openssl req -new -sha256 -key example.key -out example.csr
I hope now in case your website SSL is SHA-1 signed and know the procedure to fix this.