"使用有 SHA-256 或更高哈希運算法則的 TLS 憑證。現代的瀏覽器不信任使用 SHA-1 的憑證。"
持續使用 SHA-1 憑證會使您用戶端的敏感資料面臨風險,而且將導致瀏覽器顯示警告。連線到網站時,警告創造了不信任,而且可能導致用戶端避開您的網站。
哈希運算法則用於產生 SSL 憑證。「探索」會檢查您的 SSL/TLS 憑證,以及其發行的中介憑證。
根據目前的研究和 DigiCert 的建議,系統管理員應該用 SHA-2 憑證取代他們的 SHA-1 憑證,因為與 SHA-1 哈希運算法則關聯的風險比之前預期的大。發佈的發現似乎沒有立即的危險,因為我們強烈建議系統管理員盡快規劃可行的方式移轉為使用 SHA-2 憑證。
若要瞭解更多資訊,請參閱 DigiCert SHA-2 SSL 憑證。
重新發行、續訂或以 SHA-2 憑證取代您的所有 SHA-1 憑證。如需詳細指示,請參閱切換到 SHA-2。
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.