Renew Certificate with SHA256

Posted on March 30, 2015 by erictummers

hackersJust like my renewal in 2014 I acted on receiving an email about my certificates expiring. The free certificate’s default Secure Hash Algorithm used to be of type SHA1.

Microsoft is deprecating SHA1. Also Google posted about sunsetting SHA1. Browsers will not be fully trusting the certificates starting from 2016.

Startssl.com offers the adviced SHA256 as the default for the free class 1 certificate. Just make sure to leave it to the default or select SHA2 (default) in the generate key step. When the key is imported in Synology it will show it is SHA256.

The first issue with SSL in 2016 has been resolved. Prepare for the worst and hope for the best 😉

About erictummers

Working in a DevOps team is the best thing that happened to me. I like challenges and sharing the solutions with others. On my blog I’ll mostly post about my work, but expect an occasional home project, productivity tip and tooling review.
This entry was posted in Tooling and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.