How to Fix the Insecure SSL Error due to SHA-1 Deprecation Updated on October 29, 2021 by InMotion Hosting Contributor 1 Minutes, 27 Seconds to Read In this tutorial: Who is affected? What Causes the Insecure SSL Warning? How to Fix the Insecure SSL Warning The most recent versions of Google Chrome will show a severe warning for certificates encoded in SHA-1 that are set to expire after January 1, 2017. In this article, we will discuss why this error occurs, and how to avoid and correct it. Who is affected by the Insecure SSL error? Since SSL certificates are issued yearly by InMotion Hosting, this will not apply to most of our SSL ccertificates. There are 2 criteria you have to meet, in order for your site to show up as Insecure in Google Chrome. Your SSL certificate expires after January 1st, 2017. Your SSL was created using SHA-1 hashing. You can test your SSL by navigating here, (be sure to replace example.com with your actual domain name): https://www.sslshopper.com/ssl-checker.html#hostname=example.com If your Signature Algorithm is lower than “sha256” you must fix your SSL. In the example below, the Signature Algorithm is “sha384,” so there is no need to fix it: What Causes the Insecure SSL error? While SSL certificates are currently secure, Google considers the SHA-1 hash algorithm insecure after 2016. This is due to reports from some security companies, that online attackers could feasibly compromise SSL certificates keyed with SHA-1 hash. Due to this, Google Chrome has started to flag these SSL certificates as insecure (see the screenshot at top of this article). How to Fix the Insecure SSL Error If your SSL certificate expires after 2016, and was created using SHA-1 hashing it will need to be rekeyed. Request a CSR via AMP Have your SSL provider rekey your SSL with the new CSR Share this Article IC InMotion Hosting Contributor Content Writer InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals! More Articles by InMotion Hosting Related Articles Troubleshooting SSL Connection Errors: How to Fix HTTPS Issues What Is SSL and Why Is It Important? How to Install Let’s Encrypt SSL on Ubuntu with Certbot Installing SSLs and Generating CSRs in cPanel Forcing your Website’s visitors to use the shared SSL How to Manage AutoSSL Certificates in cPanel Force HTTPS with the .htaccess File How to Purchase an SSL Certificate for your Dedicated Server How to Enable a SSL on a WordPress Site POODLE fix for Internet Explorer: Disabling SSL 3.0
Thanks for the write-up. A few of my clients have started getting SSL errors in Chrome. You’ve saved my team hours of research/troubleshooting time.
