PKI SHA Migration Services

Public Key Infrastructure SHA-1 to SHA-2 Migration Service

The SHA-2 hashing algorithm is now the standard for self-managed and public certificate authorities (CAs). Although SHA-1 is still in use, there is widespread recognition that SHA-1 certificates are unsafe, and U.S. NIST advised that SHA-1 should not be trusted past January 2014.

But moving to from the SHA-1 hashing algorithm to SHA-2 presents a complex problem due to the integral nature of hash algorithms within PKIs, as well as various industry and application incompatibilities between SHA-2 and older Android and Windows OSs still widely used today, as well as new and legacy versions of Microsoft Office.

nCipher Professional Services (PS) can help you securely manage the complexities of this critical migration through planning your migration, helping you understand and choose the best options and supporting your migration.

Your PS consultant will work with you to:

image description

Plan your migration

Analyze your PKI environment and map your endpoints to evaluate SHA-2 compatibilities.

image description

Understand your options

Help you make the best choice among various options, for instance, deploying a hybrid system; converting to a new SHA-2 root; or creating a parallel SHA-2 PKI and migrating over time.

image description

Support your migration

Provide guidance through your migration as needed, from planning and documentation through testing and deployment.