Secure Socket Layer (SSL) protocol has become the de facto standard for securely transmitting sensitive information over the internet and for instilling trust in the users on data security. However, the reliability of SSL depends much on the underlying cryptographic hash algorithms. Majority of the SSL certificates in use today have been signed using the hash function SHA-1, which has been found to be susceptible to a collision attack due to which hackers could spoof browsers with forged signatures.
The National Institute of Standards and Technology (NIST) has banned the use of SHA-1 for new certificates and browser companies have announced that they would stop accepting SHA-1 certificates from January 1, 2017. That means, beyond the cut-off date, websites making use of SHA-1 certificates will simply not function or throw errors. Organizations should switch all their certificates from SHA-1 to SHA-2 immediately.
Switching to the secure SHA-2 hashing algorithm is easier said than done:
Fill this form and we will schedule a demo over the web. We will explain how you can isolate and eliminate SHA-1 certificates and smoothly switch to SHA-2.
Key Manager Plus is integrated with ManageEngine’s Password Manager Pro, to provide unified privileged identity management platform.
ManageEngine’s Key Manager Plus enables us to stay on top of SSL certificates for all of our websites. With Key Manager Plus, we’re able to monitor which certificates are nearing expiration and roll out new certificates in a timely manner.Ken Odibe Senior cloud infrastructure consultant, Sapphire systems.