SHA-2

With the existence of a mathematical weakness in Secure Hash Algorithm 1 (SHA-1), namely that computing power has increased to the point where it is conceivable that a hash can now be decoded, as a best practice, SHA-2 is now being transitioned to for all SSL certificates.

For existing certificates, the transition process necessitates the reissuance of the certificate. During this process the option to reissue a SHA-2-based certificate is possible.

New certificates are currently issued in SHA-2. For the small percentage of customers who require a new certificate to utilize SHA-1, this can be accomplished via the certificate reissuance process,provided the certificat's expiry date is prior to 2017. SHA-1 is not supported beyond 2017, and thus a certificate cannot be issued in SHA-1 for a period beyond that date.

The process for reissuance is outlined here.