Everyone are mostly aware that SHA-1 is not trusted and all CAs (Certification Authorities) are not even issuing new SHA-1 SSL & Code Signing certificates by January 1, 2016 itself & it has to be updated by SHA-2. One major benefit SHA-2 shows is that it overcomes the weaknesses which are in SHA-1 hashing algorithm but it also comes with some drawbacks on its own though it's not related to security but compatibility.

1. Symantec® Secure Site Pro SHA-1 Private - One Step Solution for
Applications not Supporting SHA-2
Everyone are mostly aware that SHA-1 is not trusted and all CAs (Certification Authorities) are not even
issuingnewSHA-1SSL& Code SigningcertificatesbyJanuary1,2016 itself &ithas to be updatedbySHA-
2. One major benefit SHA-2 shows is that it overcomes the weaknesses which are in SHA-1 hashing
algorithm but it also comes with some drawbacks on its own though it's not related to security but
compatibility.
Compatibility Issues:
With SHA-2 several older applications & operating systems are not supported. Compatibility is the real
issue whichisholdingbackpeoplefromadoptingSHA-2algorithm.Forexample,WindowsXPServicePack
2 or lowerdoesnot supportthe use of SHA-2,Windowsserverasks for certain requirements alongwith
some patches, for servers using Java will support SHA-2 if Java SDK 1.4.2 or higher is installed, Apache
based servers will only support if Apache version 2.x or higher is installed.
It is a major problem as some of the enterprise relatedapplications might not support SHA-2 and if the
properactionnottakenthenitwillbecomeaproblem whichmeansyouwill notbe consideredasatrusted
party. In orderto avoidthistype of situations,Symantechascome upwithone of the solution.Symantec
offersone of the SSLCertificate,Symantec® Secure SiteProSHA-1Private.Thiscertificate isofferedoff of
private CA hierarchies(VeriSignPCA3-G1/G2RootCA) whichultimately allowsyoutosupportolder,legacy
devices and systems which are not compatible with the newer, industry-standard SHA-2 Hashing
Algorithm.

2. The uniquenessof Symantec® Secure Site Pro SHA-1 Private certificate,isthatit’snot designedtowork
with any modern browsers. It's available with SHA-1 full chain and SHA-mixed chain and offers support
for RSA and not DSA or ECC. In other words, this SSL/TLS Certificate is perfect solution for using it on
private networkslike office intranets,networkrelatedappliances& for otherenterprise-level functions.
It's anOrganizationlevel certificate,whichoffersupto256-bit&2018-bit signature keyencryptionlevels.
Features & Benefits:
It's a fully business validated SSL certificate which offers high 256-bit encryption with 2048-bit root
Certificate,it supports SHA-1 beyond1/1/2016, support is available for public IP addresses. Support for
RSA Encryption Algorithm,uses full chain of SHA-1 & SHA-mixed chain.Some of the noticeable benefits
youcan getare like FREENorton™ SecuredSeal,VulnerabilityAssessment&Actionable Report,Norton™
DailyMalware Scanning(Behavioral/Predictive),24/7technical support,30daymoneybackguarantee,&
$1,500,000 warranty which is highest on non-EV industry.