SHA-1 Broken, Migrating to SHA-2

SHA-1 is broken, and Microsoft has made bold moves away from it since announcing its SHA-1 deprecation plan in November 2013. If you want to know the whole story about SHA-1 and why everyone is phasing it out, read this blog post: [PKI Certificate Services SHA-1 Deprecation]

I spent some time reading and understanding the answers to the following questions:

Moving to a new blog

I am moving to a new blog format; please follow this link to continue reading 🙂

https://blog.ahasayen.com/how-to-migrate-your-certification-authority-hashing-algorithm-from-sha-1-to-sha-2/

3 comments on “SHA-1 Broken, Migrating to SHA-2”

  1. Pingback: PKI Certificate Services SHA-1 Deprecation | Ammar Hasayen - Blog

  2. Hey mate, this is great, finally someone offering the various migration paths clearly and simply.

    I am going to choose Approach 1: “Side by Side, different Root CA” and so would like some further clarification on the end user/client side of the story.

    Once my new PKI is up, I issue new certificates out to my Windows/Mac machines, whatever, then now at this point, what steps do I take with the “old” certificates? Do I simply stop the GP that issues the old certificates, and delete them from the client computer? And that is considered the migration?
