If you are running Windows XP take action now. Background Due to weaknesses found in the algorithm, the IT Industry has agreed to end of life the use of SHA-1 (Secure hash algorithm) for the signing of SSL Certificates. SSL Certificates are small data files that digitally bind a cryptographic key to an organisation’s details. When installed on a web server, it activates the padlock and the https protocol to allow a secure connection from a web server to a browser. Exploitation of this weakness could allow an attacker to “Impersonate” a SSL certificate with a false copy/version. After Jan 1, 2016, most if not all Certificate Authorities will no longer issue certificates based on the SHA1 standard. After Jan 1 2017 web browsers will no longer accept SHA1 signed SSL Certificates and some already display error messages (Chrome, Firefox). What is Descartes SmartCompliance doing? Descartes will be renewing the certificate used to secure communications with Smartanalysis, SmartScan, DepotScan, BureauScan, Digital Downloader and SoloPlus on 13th July 2015 to comply with the new requirements for SSL certification. What does this mean for you? Very old browsers or operating systems that are not in the Known Compatible Systems section below will not be able to use SSL certificates based on the SHA-2 standard and your access to Smartanalysis, SmartScan, DepotScan, BureaScan, Digital Downloader and SoloPlus may be compromised. What should you do?
- Review your browsers and operating systems against the list in the Known Compatible Systems section below. If they are not in the list, consider upgrading your operating system/browser now to avoid problems in the future.
- If you are running PCs with Windows XP Service Pack 2 or earlier you should upgrade them now.
- Windows IE 6+ on SHA-2 Compatible Operating Systems e.g. Windows XP SP3 + and Windows Server 2003 SP2 with some additional browser patches and all higher Server OS Versions.
- Chrome 1.0+
- Firefox 1.0+
- Mac Safari 3+ (OSX 10.5)