NOTE: Google has updated the plan they will be using to deprecate SHA1 based certificates. The content in this post is still mostly accurate but for dates please see the thread. Personally I think the new plan is a good one. The upsides in this post are still accurate and it is my hope people switch to SHA256 … Continue reading Why might you have a certificate with a SHA1 based signature in its chain that is valid beyond 2016/1/1?