We're upgrading our SSL certificates for better security, are you?

We're upgrading our SSL certificates for better security, are you?

With growing global IT security concerns in mind,  ManageEngine   ServiceDesk  Plus On-Demand will be  upgrading  its  SSL  certificates from using a weak and aging  SHA -1 encryption algorithm to a more secure and latest  SHA -256 algorithm. It's time that you upgrade too.

 

What is  SSL  Certificate  and  SHA ?

SSL  Certificate  (Secure Sockets Layer) is a certificate presented to the browser by a website which encrypts your connection and verifies if you have connected to the right website.  SHA  is a  cryptographic  hashing encryption algorithm used by  SSL  certificates that performs the authentication process.  SHA -1 is being used widely and is known for its security vulnerability and mathematical weakness.  SHA -256 is a more advanced and secure hashing algorithm developed by   NIST  (National Institute of Standards and Technology) to replace  SHA -1.  

 

What do I have to do?

Some of the older operating systems (operating system version below Windows XP SP3, OS-X 10.5 and Windows server 2003 SP2 +MS13-095) , browsers and applications do not support  SHA -256 and are vulnerable to security threats. So you need to ensure that your IT infrastructure is  SHA -256 compatible by installing the latest version of applications, browsers and operating systems. Doing so  will help you  to   seamlessly  transit from  SHA -1 to  SHA -256  benefiting  you with a more secure IT environment.

 

Is it an optional upgrade?

No. Almost all vendors like Microsoft, Google, Mozilla etc have charted out their plans to end support for  SHA -1.  For example  Chrome will end support for  SHA -1 tentatively by Feb 10, 2015.  Usage of  SHA -1 would be depreciated gradually  until  it becomes  obsolete  in a few years time.

 

Accessing  ServiceDesk  Plus On-Demand will be hassle-free irrespective of whether you upgrade or not, but it is advisable to  upgrade your infrastructure and protect yourself from IT security threats.    

 

Here are a few links that would substantiate our upgrade and give you a more clear picture

Supported OS:

https ://support. globalsign .com/customer/portal/articles/1499561- sha -256-compatibility

Roll-out plan by OS and browser vendors:

https ://support. globalsign .com/customer/portal/articles/1447169

Explanation about the vulnerability:

https :// konklone .com/post/why- google -is-hurrying-the-web-to-kill- sha -1

 

If you have any concerns, please write to us at   sdp - ondemand -support@ manageengine .com



      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
              See all integrations
              New to ADManager Plus?
              See all integrations
              New to ADManager Plus?

                New to ADSelfService Plus?

                Start your free trial
                Start your free trial



                          Related Products