14 DAY TRIAL // Microsoft has pledged to improve browsing security with Edge and Internet Explorer, and part of this plan is giving up on the SHA-1 hash algorithm, which has been around for so long and is no longer secure.
The Redmond-based software giant has already announced earlier this year that it plans to abandon this hash algorithm, and in a blog post published recently, the company reveals that site admins have until February 14, 2017, to update their websites. Otherwise, both Edge and IE11 will no longer load them and instead display a notification informing of an invalid certificate.
Users will also be allowed to ignore the warning and continue to the website, but the company clearly states that this is not a recommended option.
“This will only impact SHA-1 certificates that chain to a Microsoft Trusted Root CA. Manually-installed enterprise or self-signed SHA-1 certificates will not be impacted, although we recommend for all customers to quickly migrate to SHA-256,” Microsoft explains.
Older versions of IE not impacted
The software firm also explains that other Windows applications using older versions of Internet Explorer or a previous release of the browser itself won’t be affected.
“Third party Windows applications that use the Windows cryptographic API set and older versions of Internet Explorer will not be impacted by the February 2017 changes by-default,” the company said, adding that it “will not prevent a client using a SHA-1 signed certificate from being used in client authentication.”
Microsoft Edge is currently a Windows 10-exclusive app and Redmond has no plans to bring it on other platforms or on previous versions of the operating system. Internet Explorer, on the other hand, is available as default browser on both Windows 8.1 and Windows 7, so this change is impacting pretty much every Windows user that runs a version of the operating system that’s still supported.
Webmasters are strongly recommended to give up on the SHA-1 hash algorithm as soon as possible and they still have approximately three months to do it.