WoSign CA certificate issuing system fully supports SHA2 signature algorithm with higher security2014-12-04
According to international standards, all the globally trusted CA must stop issuing certificates which use SHA1 signature algorithm. They should upgrade PKI/CA system as soon as possible so that the system supports users to choose between SHA1 certificate and SHA2 certificate. WoSign CA has completed the SHA2 signature algorithm upgrade of the whole series of products in order to respond to Google browser’s advice to make modification in case of warning being prompted because of SHA1 certificate. Subscribers can choose between SHA1 and SHA2 certificates while they are placing orders in the buy system.
Please notice that Windows XP SP2 operating system, which does not support SHA2 signature algorithm, is still being used by 3 million users in China. Therefore, please purchase the SHA2 certificate with caution in case that user cannot visit your website. You can apply for new SHA2 certificate in December of 2015 to meet the requirement of international standards.
According to international standards, root certificate can still use SHA1 or SHA2 signature algorithm. But intermediate certificate and subscriber certificate should use SHA2 signature algorithm. The English root certificate of WoSign CA still applies SHA1 signature algorithm while all the intermediate certificates have been upgraded to SHA2 certificates and been named G2. For instance, the original intermediate certificate of EV SSL certificate which used SHA1 signature algorithm is called WoSign Class 4 EV Server CA; the upgraded intermediate certificate that uses SHA2 algorithm is called WoSign Class 4 EV Server CA G2. The Chinese root certificate of WoSign CA uses SHA2 algorithm. All the intermediate certificates are upgraded to SHA2 certificates and are named G2. At present, only free SSL certificate and client certificate have enabled Chinese root certificate. For instance, the intermediate certificate of free SSL certificate is called CA WoSign free SSL certificate; the upgraded intermediate certificate of free SSL certificate that uses SHA2 algorithm is called CA WoSign free SSL certificate G2 as shown below.