Home / security / web / SHA-1 Security Vulnerability Scan and How to Fix It
How to fix SHA1

SHA-1 Security Vulnerability Scan and How to Fix It

How to check website SSL certificates if using SHA-1 and Fix it.

SHA-1 (Secure Hash Algorithm) is a cryptographic hash function creates 160-bit hash worth and it’s thought of weak. it’s fairly fascinating to know as of May 2014 – there are 93 % of a website are susceptible to SHA1 on the Web.

Google has begun regularly sunsetting SHA-1 and Chrome version 39 and later will point out visible safety warning on websites with SHA-1 SSL certificates with validity past 1st Jan 2016.

Web Administrator is actually busy with so many vulnerabilities this 12 months like Freak Attack, Heartbleed, Logjam. Nicely, that’s how Internet Security is evolving and one of many difficult duties for Internet Security Administrator can be to maintain up-to-date one’s information and act correctly on security vulnerabilities to secure Web Applications.

On this article, I’ll speak about how to examine for SHA-1 vulnerability and how one can repair this

Check SSL SHA-1 bug

URL: https://shaaaaaaaaaaaaa.com/

One of many quickest methods to check in case your website SSL is signed with SHA-1 can be to hit the next URL and enter the URL and click on Go.

Fix SSL SHA-1 bug

Fixing SHA-1 means you want to get SSL certificates signed with SHA-2. Some SSL cert supplier can present you a cert with SHA-2 signed, nevertheless, generally you prefer to get the new SSL certificates signed and implement it.

To get SHA-2 certificates using OpenSSL

You may additionally generate certificates online on following:-

https://certificatesssl.com/ssl-tools/csr-generator.html

I hope now in case your website SSL is SHA-1 signed and know the procedure to fix this.

Leave a Reply