In case you didn’t notice during May’s Patch Tuesday release, Microsoft has banned SHA-1 certificates in Internet Explorer and Edge.
Browsers will now flag SSL/TLS certificates that leverage the dated cryptographic hash function as insecure.
This marks yet another step toward phasing out the use of the SHA-1 certificates – which date back to 1995 – that many browser vendors believe do not provide enough security, according to a report by CSO Online.
“This change will only impact SHA-1 certificates that chain to a root in the Microsoft Trusted Root Program where the end-entity certificate or the issuing intermediate uses SHA-1,” Microsoft said in its security bulletin.
Although enterprise or self-signed SHA-1 certificates aren’t impacted, the company goes on to recommend that customers “quickly migrate to SHA-2 based certificates.”