A very common Sha1 hazelnut feature is no longer safe to use
SHA-1 or ‘Stable Hash Algorithm 1’ is a cryptographic hash function that certifying authorities have used to sign SSL certificates. The CA / B Group has announced that the SHA-1 algorithm is being retired in favor of the newer and safer SHA-2 hashing algorithms.
What is the chance of SHA-1 Certificates being vulnerable?
Some of the most successful Web browser companies have said they would not accept signed SSL certificates using SHA-1 after January 1 , 2017. According to researchers it is theoretically possible to exploit SHA-1 certificates if a malicious attacker applies enough computer power. This does not mean that SHA-1 SSL-protected websites are automatically vulnerable, but it is definitely a wake-up call to improve SSL certificates by issuing them using the SHA-2 algorithms.
SSL Certificate Authorities and vendors suggest that all customers who are still secured by SHA-1 certificates reissue their certificates using the SHA-2 hashing algorithm to prevent web browser security alerts and to ensure that their website users are not blocked or concerned about SHA-1 certificate browser security alerts.
Action Required to Decrease The SHA-1 Vulnerability Risk: SHA-1 certificates will not be accepted as of 2016, a move that needs the attention and intervention of the consumer. As soon as possible, SSLRenewals advice is to reissue or replace the SHA-1 Certificate with SHA-2 Certificates.