For some time, there have been plans to deprecate the SHA-1 hashing algorithm in favor of SHA-2. Last week, Google announced plans for gradually sunsetting SHA-1. This announcement has brought renewed attention to the subject of SSL certificates and their security.
There are several things to note about Google's recent announcement:
- Any certificate expiring before 1 January 2016 is unaffected and will remain so through the entire sunsetting phase.
- We only issue certificates for a duration of 1 year.
- The current year is 2014.
All that aside, we are working to deploy SSL certificate generation that requests SHA-2 hashing by default as soon as possible and expect to have the necessary changes deployed within the next few days.
Since a year from the end of next week is still 2015 there should be no need to request a reissue of a certificate purchased from us to comply with Google's recent announcement.