SSL Visibility - Getting browser warning when resigning CA cert is signed with SHA-1 algorithm
book
Article ID: 168896
calendar_today
Updated On:
Products
SSL Visibility Appliance Software
Issue/Introduction
A certificate resigning policy is in place, but the browser shows a warning related to the SHA-1 hash algorithm and certificate expiration in 2017 or later. The following is an example:
Cause
The re-signing intermediate CA certificate uses the SHA-1 hash algorithm and expires after January 1, 2017.
Many major browsers are phasing out SHA-1 support and issue a warning:
Google chrome: https://googleonlinesecurity.blogspot.cz/2014/09/gradually-sunsetting-sha-1.html