Countdown starts for SHA-1 encrypted websites as IE11 and Edge set to block connections from Valentine’s Day


In a blog post yesterday, the Microsoft Edge Team detailed an upcoming change coming to Edge and Internet Explorer. Both of the company’s browsers will start blocking access to SHA-1 encrypted sites early next year — on Valentine’s Day, to be exact. The company actually announced this change back in November 2015, and it’s finally ready to block sites with SHA-1 certificates. In the blog post, Microsoft quickly briefed SHA-1’s issues:

The SHA-1 hash algorithm is no longer secure. Weaknesses in SHA-1 could allow an attacker to spoof content, execute phishing attacks, or perform man-in-the-middle attacks when browsing the web. Microsoft, in collaboration with other members of the industry, is working to phase out SHA-1.

The software giant will start displaying an invalid certificate starting February 14, 2017, but it will not prevent a client using an SHA-1 signed certificate from being used in a client authentication. You can know more about the change on Microsoft’s official blog post here.

Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.