Advisory Notice on Upcoming Changes to SSL Certificates
What You Need to Know
We have recently received questions regarding the industry move to SHA-2 SSL signed certificates from SHA-1 SSL certificates. In November, 2013, Microsoft announced the planned end of support for SHA-1 SSL certificates effective on January 1, 2016. As a result, some of the Certificate Authorities (CA's) that issue SSL certificates have already started issuing SHA-2 SSL signed certificates by default.The Bottom Line
The result of Microsoft's decisions will only affect customers using Secure HTTP/SOAP (HTTPS), and Sockets. If you are only using other communications methods, you should not be affected by the planned change.
Some of you may be connecting to 3rd party sites that use SSL certificates. Please ensure those vendors will continue to support SHA-1 until you are able to make the necessary upgrade
We have also found that SHA-2 is not yet a requirement for PCI compliance, but some services of the U.S. Government may require an SHA-2 certificate. If you are unable to make HTTPS connections, check your logs using protocolLogging() for a "bad signature" error message. This is the key indicator that you may be encountering an SHA-2 signed certificate.Rocket's Actions
The Rocket team has researched the timelines and expected impact of the planned change. SHA-1 SSL certificates are still available for issue but must be specifically requested or you will likely receive an SHA-2 SSL certificate. Additionally, SHA-1 certificates are typically only available for one or two years at renewal because of the industry move.
Rocket UniVerse 11.2 supports SHA-2 and the upcoming Rocket UniData 7.3.7 and 8.1.0 will also support SHA-2. UniData 7.3.7 is targeted to be available in May 2014. These product releases will be available for those with an active maintenance and support contract who are current on applicable fees.
Rocket SB/XA and Rocket wIntegrate will also be issuing updates to support SHA2 in upcoming releasesDiscover More