Check if the SSL Certificate is SHA1 or SHA2


I have tried to find the answer to this but I couldn't find an answer…

How do I check if my SSL Certificate is using SHA1 or SHA2?

Reason I ask is because it might have to do with the certificate not loading on Mozilla Browers….

Any ideas? Can I check through cPanel?

Best Answer

Use the Linux Command Line

Use the command line, as described in this related question: How do I check if my SSL Certificate is SHA1 or SHA2 on the commandline.


Here's the command. Replace to fit your needs. Default SSL port is 443:

openssl s_client -connect < /dev/null 2>/dev/null \
    | openssl x509 -text -in /dev/stdin | grep "Signature Algorithm"


This should return something like this for the sha1:

Signature Algorithm: sha1WithRSAEncryption

or this for the newer version:

Signature Algorithm: sha256WithRSAEncryption


The article Why Google is Hurrying the Web to Kill SHA-1 describes exactly what you would expect and has a pretty graphic, too.