http://www.csoonline.com/article/3014123...d-websites.html
Just a heads up that SHA-1 certificates are going to be EOL pretty soon. If you have old OSes you might be SOL regarding connecting to https sites enforcing a higher level of encryption. Due to the numerous weaknesses found, some heavy hitters are trying to accelerate the EOL schedule.
Seems to impact some countries on the margin, but we have a lot of internal machines with self signed cert which we are now retrofitting with SHA-2 (SHA-256) level certs.
Some may trumpet the use of old XP, but the key to secure connections is to use encryption that is ahead of a 'operative's ability to compromise it. This necessitates use to up to date algorithms.
Just a heads up that SHA-1 certificates are going to be EOL pretty soon. If you have old OSes you might be SOL regarding connecting to https sites enforcing a higher level of encryption. Due to the numerous weaknesses found, some heavy hitters are trying to accelerate the EOL schedule.
Seems to impact some countries on the margin, but we have a lot of internal machines with self signed cert which we are now retrofitting with SHA-2 (SHA-256) level certs.
Some may trumpet the use of old XP, but the key to secure connections is to use encryption that is ahead of a 'operative's ability to compromise it. This necessitates use to up to date algorithms.
Last edited: