With Microsoft’s having retired SHA1 certificates last summer as well as now blocking them as of earlier this year, TLS certificates signed by the SHA1 hashing algorithm are no longer secure or supported and should be retired and replaced as soon as possible. The question though is, what should you replace your SHA1 certificates with and how do you actually go about replacing them? Because if you don’t replace them, your HTTPS web servers will be offering customers an insecure version of SSL which means any sensitive personal or business information they send to your web sites may be susceptible to being compromised. To help us understand the nature of the problem and how you can approach it, I’ve asked Andrew Perchaluk, a Senior Systems Administrator at the University of Manitoba in Winnipeg, Canada to provide us with some insight and tips from his own experience managing Active Directory environments. Andrew is a husband, father, and dog lover who has been working in the Information Technology industry for almost 20 years and who enjoys sharing his experiences with others in the IT pro community. For more information about Andrew see his LinkedIn profile. You can also follow him on Twitter. Let’s now hear what Andrew has to say on this topic.
SHA, which stands for Secure Hash Algorithm, is a cryptographic hashing algorithm used to determine the integrity of a particular piece of data. These algorithms are often used by SSL certificate authorities to sign certificates and this ensures that your website data is never tampered with. More information on SHA1 may be found in this Wikipedia article:
SHA1 vs SHA256
Basically speaking SHA1 is smaller (160 bits) compared with SHA256 which is 256 bits, so because of this it’s more susceptible to a collision attack. The following are simply sample hashes to try and illustrate the differences.
SHA1 hash: f14272531355581623edadd8aa85fe555574edc
SHA256 hash: f14272531355581623edadd8aa85fe555574edc5f49b4a7dfcfd72b37181b0e5
Has SHA1 ever been cracked using a collision attack?
Yes! In February 2017 researchers from Google were able to successfully crack SHA1 using a collision attack as described here on the Google Security Blog:
Here are some numbers that give a sense of how large-scale this computation effort was:
Nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total
6,500 years of CPU computation to complete the attack first phase
110 years of GPU computation to complete the second phase
The Moral of the story: Replace your SHA1 certificates with SHA256 or SHA3
Because of Google’s vulnerability disclosure policy they will release their code 90 days after announcing (Mid May 2017). It’s unlikely you have any public facing services using SHA1 certificates but if you do you should replace those first. Also it should go without saying if you have any management tools available using only HTTP you should look at using a certificate as HTTP is much less secure than using an SHA1 SSL certificate. The sections that follow describe some areas you should check within your infrastructure.
If you have a site license or use the same provider for SSL certificates (such as GlobalSign, VeriSign, Thawte, and so on) then you can usually log into their portal and get a report on your assigned certificates. Many of these providers also offer free scanners where you can enter your website and click scan, they will then give you feedback showing if your domain is running SHA1 one such scanner is available at Digicert here:
Look for any outstanding SHA1 SSL certificates and replace or renew them.
Active Directory Certificate Services
If you’re running Active directory Certificate Services then you’ll want to make sure to update it from using SHA1 to SHA256. Check the properties of your CA, and if it is using SHA1 then perform the following steps to update, because these steps do not revoke any old certificates it should be fairly low impact:
- From PowerShell running as admin, run this command:
certutil -setreg ca\csp\CNGHashAlgorithm SHA256
- Restart Cert services as follows:
net stop certsvcnet start
- Generate a new CA certificate like this: From the properties of your root CA go to All Tasks, then select Renew CA Certificate, then click Yes when prompted to select AD certificate services and click No when asked about generating a new signing key.
After you complete this procedure, the new SHA256 SSL certificates will start to propagate down in your environment as automatic renewals occur. Note that I have seen an issue where we had to import the new SHA256 CA certificate into the intermediate and root folders of our SCCM servers due to a chaining error that was popping up, so keep that in mind.
Management interface self-signed certs
Many of the technologies we administer offer encrypted HTTPS management utilities. However, depending on how long you’ve had the appliances around, you’ll want to double check if they are still using SHA1 self-signed certs and update as required. Some common things to check:
1) Server out of band management tools such as:
- Dell Remote Access
- HP Integrated Lights Out
2) Load Balancer management for products such as F5, Kemp, and so on.
3) Email hygiene appliances for products such as Cisco IronPort or Barracuda.
4) VMware VCenter — See the VMware Knowledge Base article titled “Replacing default certificates with CA signed SSL certificates in vSphere 6.x (2111219)” which can be found at
5) Firewall management for products from companies like Cisco, Palo Alto, or CheckPoint
6) Backup systems
7) IPAM solutions such as InfoBlox or BlueCat
Issues with such management tools may be identified by browser security alerts like this screenshot taken using the Google Chrome web browser:
or by the presence of SHA1 as the hash algorithm that was used to sign a certificate being used by a website:
These are some of the main areas where you might find SHA1 SSL certificates that you will need to upgrade, best of luck you’re your cleanup!
Additional help may be obtained by posting your questions to the TechNet Forum for Windows Server Security which can be found here: https://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=winserversecurity
Another good resource is this forum on IIS security which has a number of posts related to SHA: https://forums.iis.net/1043.aspx/1?Security