As part of ongoing security efforts and in response to known security weaknesses of SSL certificates using SHA-1 algorithm. The Moovweb platform has started preventing uploading any SSL certificates with the SHA-1 signature algorithm starting Aug 1st, 2015.
Microsoft (Internet Explorer), Mozilla (Firefox), and Google (Chrome) have all declared SHA-1 insecure and are their browsers are stopping support for SHA1 certificates.
See announcements from various vendors:
Tested mobile browsers Chrome and Safari, do not visually indicate SHA-1 certificate problems, however, desktop browsers have already exhibited these warning signs. Our goal is to provide the highest level of security for your critical business transactions and your end customers.
Suggested Next Steps
If you are currently using SHA-1 SSL certificates on Moovweb, and they meet the criteria described below: we highly recommend that you re-generate the SSL certificate in order to maintain the highest security.
Does your SSL Certificate needs to be re-generated?
Re-generate your SSL certificate if these 2 conditions are met:
- Your SSL certificate is using the SHA-1 signature algorithm, and
- Your SSL certificate expires after 2016
Once you have regenerated your certificate with a signature algorithm of higher security likeSHA-2, you must upload it to https://console.moovweb.com.