Microsoft Blocks SHA-1 Certificates in IE and Edge

By Marcos Colon

In case you didn’t notice during May’s Patch Tuesday release, Microsoft has banned SHA-1 certificates in Internet Explorer and Edge.

Browsers will now flag SSL/TLS certificates that leverage the dated cryptographic hash function as insecure.

This marks yet another step toward phasing out the use of the SHA-1 certificates – which date back to 1995 – that many browser vendors believe do not provide enough security, according to a report by CSO Online.

“This change will only impact SHA-1 certificates that chain to a root in the Microsoft Trusted Root Program where the end-entity certificate or the issuing intermediate uses SHA-1,” Microsoft said in its security bulletin.

Although enterprise or self-signed SHA-1 certificates aren’t impacted, the company goes on to recommend that customers “quickly migrate to SHA-2 based certificates.” 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.