Pharos To Discontinue Making SSL Certificates for Customers
Summary
For almost two decades Pharos Support has been making SSL Certificates for customers’ servers upon customer request. Support techs use Open SSL to make these certificates and use a MD5 Hash. These are considered a weak cryptographic algorithm which are vulnerable to collision attacks. Using weak SSL certificates puts customer environments at risk for being hacked and this could result in the loss of personal data or financial loss.
Beginning January 1, 2025, Pharos Systems will no longer provide SSL certificates to customers. Pharos recommends your organization investigate external providers that specialize in providing the most secure SSL certificates available. Although Pharos does not recommend one over another, some examples of companies that make SSL certificates are GoDaddy, DigiCert and Comodo. It is up to your internal security department to decide what best suits your organization’s security needs. We understand this might be an inconvenience to your institution. If you have any specific questions, please do not hesitate to contact your Customer Success Manager.
When
This change will start January 1, 2025. Upon request, Pharos Support representatives will continue to provide customers with SSL certificates through the rest of the year.