Jump to content

Sha-256 (Sha-2) Security Standard Compliance And Tch


Recommended Posts

Hello, I was wondering if someone can help me understand the impact of the SHA-256 (SHA-2) security standard on the TCH servers, if any.


I have a few clients using ecommerce of various types (Drupal Commerce, Drupal Ubercart, Magento, Wordpress WooCommerce, etc.). I have seen emails from Paypal and Authorize.net about the new SHA-256 (SHA-2) Security Compliance. My research on the software side has mainly found that all is fine on that side, but the hosting server will need to support this compliance as well.


My question. Is this covered with TCH hosting servers and is there anything I should be aware of on that end or with SSL Certificates purchased through TCH?


Thanks for any help you can provide.

Link to comment
Share on other sites

Our servers generate SHA-256 CSRs by default and can support others such as SHA-512. Anyone that purchases as new certificate from use will have no issues and they are compliant. If anyone purchased a multiple year certificate prior to September 2014, they can contact us to have it reviewed and reissued if needed. In fact, if you have an active certificate purchased any time from us or another provider , then just contact our support desk and we will gladly review it for you.

Link to comment
Share on other sites

Relating to the same issue, but from the perspective of the server's root certificate store, I would just like to verify if the following (taken from PayPal's recent letters of compliance checks) would be true for all TCH servers:



Ask your web site host or system administrator to verify that the VeriSign G5 Root Certificate
is included in the root store that is being used by your code for validation logic.


  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...