2016年后，Microsoft / IE将如何处理SHA1证书？ [英] How will Microsoft/IE treat SHA1 certificates after 2016?

问题描述

根据这个：

https://community.qualys.com/blogs/securitylabs/2014/09/09/sha1-deprecation-what-you-need-to-know

Microsoft计划在2016年底之前放弃对SHA1证书的支持。我很想知道IE将如何处理仍向浏览器提供SHA1证书的网站？是否会拒绝连接或浏览器是否只显示类似于
自签名证书的SSL警告？该链接表示"他们将不再接受"所以我认为这意味着IE将拒绝连接。

Microsoft is planning to drop support for SHA1 certs by the end of 2016. I am curious to know how IE will treat sites that still supply SHA1 certs to the browsers? Will the connection be refused or will the browser simply display a SSL warning similar to that of a self signed cert? The link says "they will no longer be accepting" So I take that to mean IE will refuse the connection.

推荐答案

根据此公告 -
http：// social。 technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx - Microsoft Windows 7更高版本将不再支持使用SHA-1签名的代码从2016年1月1日开始。 服务器身份验证
证书，例如2016年1月1日将不再支持使用SHA-1发布的启用HTTPS的Web服务器证书。

According to this announcement - http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx - Microsoft Windows 7 higher will no longer support code signed with SHA-1 beginning January 1, 2016.  Server authentication certificates, e.g. web server certificates that enable HTTPS, that are issued using SHA-1 will no longer be supported in January 1, 2016.

这篇关于2016年后，Microsoft / IE将如何处理SHA1证书？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！