Microsoft and Google announced SHA-1 deprecation plans that may affect websites with SHA-1 certificates expiring as early as after December 31, 2015.
Below we provided the list of the SHA-2 compatible servers, browsers and Operating Systems.
Browser | Minimum Browser Version |
Chrome | 26+ |
Firefox | 1.5+ |
Internet Explorer | 6+ (With XP SP3+) |
Konqueror | 3.5.6+ |
Mozilla | 1.4+ |
Netscape | 7.1+ |
Opera | 9.0+ |
Safari | 3+ (Ships with OS X 10.5) |
Adobe Acrobat/Reader | 7 |
Server | Minimum Server Version |
4D Server | 14.01+ |
Amazon Web Services (AWS)1 | |
Apache | 2.0.63+ w/ OpenSSL 0.9.8o+ |
Barracuda Network Access Client | 3.5+ |
Cisco ASA 5500 | 8.2.3.9+ for AnyConnect VPN Sessions; 8.4(2)+ for other functionalities |
Citrix Receiver | Varies - See PDF (FIPS 140 & SHA-2 Line) |
CrushFTP | 7.1.0+ |
F5 BIG-IP | 10.1.0+ |
IBM Domino Server2 | 9.0+ (Bundled with HTTP 8.5+) |
IBM HTTP Server2 | 8.5+ (Bundled with Domino 9+) |
IBM z/OS | v1r10+ |
Java based products | Java 1.4.2+ |
Mozilla NSS Based Products | 3.8+ |
OpenSSL based products | OpenSSL 0.9.8o+ |
Oracle Wallet Manager | 11.2.0.1+ |
Oracle Weblogic | 10.3.1+ |
SonicOS (SonicWALL) | 5.9.0.0+ |
WebSphere MQ | 7.0.1.4+ |
Operating System | SSL Certificate Minimum OS Version |
Android | 2.3+ |
Apple iOS | 3.0+ |
Blackberry | 5.0+ |
ChromeOS | |
Mac OS X | 10.5+ |
Windows | XP SP3+ |
Windows Phone | 7+ |
Windows Server | 2003 SP2 +Hotfixes (Partial) |