Video Screencast Help

SHA 1 certificates: what is the official stand of Symantec?

Created: 20 Jun 2013 | 2 comments

What is the official stand of Symentec on the support for Symantec?

If I order a bunch of SHA1 code signing certificates with 1 year validity today, shall I be able to renew those certificates (as SHA 1) after 1 year?

Operating Systems:

Comments 2 CommentsJump to latest comment

bipshr's picture


Since you've opened a thread couple of months ago, I am not sure whether or not you are still looking for an answer. However, I would still assume that you have not received any answer on your query and I will try to help you.

Before I could answer your query, I would like to know where are you trying to import these certificates to. Do you have a SEMS (previously known as PGP Universal Server) ? Can you please elaborate on what you are trying to achieve?

Best Regards,


Japke's picture

Very likely yes - until SHA1 is no longer deemed usable / suitable by the various standardization orgs. Basically when you look at the following two articles, and combine their message. It will be possible to still renew SHA1 certs with SHA1 as long as NIST or any other related authority did not issue a formal statement that SHA1 should no longer be used.

If that would be the case, you likely have to create a new CSR etc.

How do I change the Signature Algorithm of an SSL certificate?

Service Notification – Update Existing Certificates from 1024-bit Keys to 2048-bit

I am no longer a Symantec employee.