MD5 SSL Certificates Revoked
June 30, 2012
As of June 30, 2011, Mozilla ended their support of the MD5 signature algorithm. Since then, pertinent SSL Certificates signed with an MD5 algorithm have continued to work correctly, however in line with Mozilla's request; Symantec® began revoking SSL Certificates this week.
Upgrade From MD5
This will cause websites secured with the revoked SSL Certificates to display errors and not function properly in updated Firefox browsers. This action follows communication sent out by Symantec® to all affected customers in June 2011 advising of this action.
In addition, Symantec® is also using this opportunity to revoke weaker 512 bit SHA1 SSL Certificates, which potentially pose a risk to customers using these older SSL Certificates. Although Symantec® (and its sub-brands such as VeriSign®, Thawte®, GeoTrust®, and RapidSSL®) no longer signed the SSL Certificates using the MD5 or weaker SHA1 algorithms after December 2008, the algorithm was used for some SSL Certificates with multi-year validity periods prior to that date.
To ensure website encryption continues without error, Symantec® advises affected customers need to get their SSL Certificate reissued before July 1, 2012. Reissuing these legacy SSL Certificates will ensure that all customers have current SSL Certificates signed with the newer signature industry supported algorithm.
Trustico® has now been in contact with all customers affected by this revokation. If you believe that your website has been affected by this latest security update by Symantec® then please Contact Us.