This is an old revision of the document!

PHP RFC: Distrust SHA-1 Certificates


As of 2016-01-01, the CA/B Forum forbids issuing new SHA-1 certificates. The CA/B has advised CAs starting 2015-01-16 to issue no SHA-1 certificates with an expiration date greater than 2017-01-01, as browsers had already announced (see references) to deprecate and remove SHA-1. NIST recommends that SHA-1 should no longer be used for digital signatures. Starting with Java 9, Java will also no longer accept SHA-1 starting 2017-01-01 by default. PHP does not even provide a context option, yet.


This RFC proposes to add a new context option that defines the accepted hash functions. This context option defaults to accepting SHA-1 and SHA-256 in PHP 5.6, 7.0 and 7.1. Starting with PHP 7.2, this will default to SHA-256 only.

Backward Incompatible Changes

SHA-1 certificates are no longer accepted by default starting in PHP 7.2. This change already happens to be almost a year late, as PHP 7.2 is expected to be released near 2017-12-01. This change is justified by the new CA/B rules, browser changes and thus industry standards.

Proposed PHP Version(s)

PHP 5.6, 7.0, 7.1 and 7.2. Only 7.2 defaults to the new behavior.

RFC Impact

New Constants


Future Scope

Once SHA-256 should be become obsolete, the default can be adjusted accordingly.

Proposed Voting Choices

Requires a 2/3 majority.

Patches and Tests





Rejected Features

Keep this updated with features that were discussed on the mail lists.

rfc/distrust-sha1-certificates.1480082313.txt.gz · Last modified: 2017/09/22 13:28 (external edit)