3.1 Google Chrome Errors Related to SHA-1 Algorithm in SSL Certificates
Problem
Customers are beginning to see SSL errors when using Google Chrome to access secure sites, such as WebTrac, eRecTrac, RecTrac 3.1. Instead of seeing a green padlock in the URL, they see a padlock with a yellow warning triangle or a red X on it. Why?
Solution
The errors being seen directly relate to Google's process of sunsetting SHA-1 as a valid certificate signature. Beginning in early 2015, HTTPS sites whose certificate chains use SHA-1 and are valid past 1 January 2017 will no longer appear to be fully trustworthy in Chromes user interface.
Here is a succinct article on the issue:
http://googleonlinesecurity.blogspot.com/2014/09/gradually-sunsetting-sha-1.html
Different browsers (IE, Firefox, and Safari) have different timelines, but the overall industry goal appears to stop supporting the SHA-1 algorithm by the end of 2016 to encourage transition to SHA-2.
Sites with SHA-1 certificates will need to generate a new certificate request, and get their Certificate Authority (CA) to issue them a new certificate using SHA-2. Users should be cautious and review all options due to the fact that there are potential compatibility issues between SHA-2 and older browsers/OS configurations. There are numerous articles available online to review compatibility.