Advisory – Google Chrome SHA1 Deprecation

Google have announced that with the release of their Chrome v39 web brower, they are removing support for the older ‘SHA-1’ based SSL certificates, this is expected shortly. This will mean that sites accessed via Chrome v39 that use SHA-1 crt will generate a minor security flag.

Further reading…
Useful article
https://community.qualys.com/blogs/securitylabs/2014/09/09/sha1-deprecation-what-you-need-to-know

Google’s own security blog
http://googleonlinesecurity.blogspot.co.uk/2014/09/gradually-sunsetting-sha-1.html

The solution is to get your SSL vendor to reissue your CRT using ‘SHA-2’, normally this process is free, but requires the usual CRT security checks / email confirmation.