SHA-1 SSL Certificates are known as less security now and there are SHA-1 collision attacks. That’s why Google Chrome no longer treats SHA-1 SSL Certificates as secure, and will not support them in 2 steps.
Step 1: Blocking new SHA-1 SSL Certificates
Starting from 2016 (Chrome version 48), Chrome will display an error if the website is using an SSL certificate that:
- is signed with a SHA-1-based signature
- is issued on or after January 1, 2016
- chains to a public CA
Step 2: Blocking all SHA-1 SSL Certificates
Starting from January, 2017, Chrome will completely not support SHA-1 SSL Certificates. The websites which have a SHA-1-based signature as part of the certificate chain (not including the self-signature on the root certificate) will trigger a fatal network error.
Moreover, the other browsers such as Edge & Firefox will also block all SHA-1 SSL Certificates on 1st January, 2017.
Therefore, if your websites are using SHA-1 SSL Certificates, you are encouraged to replace it as soon as possible.