How resolve certificate SHA-1 (chrome)

Question

How resolve this problem in google chrome for my site:

The certificate for this site expires in 2017 or later, and the certificate chain contains a certificate signed using SHA-1.

in Internet Explorer functions normally.

Answer 1

You resolve the problem by getting a new certificate that uses SHA2. The SHA1 algorithm has been proven to have collisions, which means someone could make up a fake certificate and impersonate your site.

Chrome on purpose warns and does not accept those certificates anymore.

Typically, if you revoke and re-issue a certificate with your CA, you will get credit for the remaining time of your existing certificate.

The problem is not with Chrome, but with your certificate being considered 'unsafe' and Chrome taking a hard stance to make sure things are actually secure.