Warning: Changing to SHA–2 certificates and the end of support for SSL 3.0 communication encryption

About the change to SHA–2 certificates
About the end of support for SSL 3.0 communication encryption

About the change to SHA–2 certificates

As the Mizuho Financial Group is tightening security, server certificates will change from SHA–1 to SHA–2^*. After server certificates are changed, you will no longer be able to use the service from an environment that does not support SHA–2. Therefore, please take necessary action, such as by upgrading your computer's OS and browsers.

^*   What is SHA–2?
SHA–2 is the name of an algorithm used to encrypt communications. Security is improved compared to SHA–1.

When will the change to SHA–2 occur?

Between Wednesday, May 18, 2016 and Thursday, May 19, 2016 (Japan time)
Please be advised the schedule is subject to change due to the status of the operation.

Targeted services

• News Release E–mail Distribution Service
• "Integrated Report" Questionnaire
• Stock Price

Environments that can no longer be used

Computers

The main computer environments that cannot use SHA–2 are as follows.

OS	Windows XP SP2 and earlier, Mac OS X 10.4 and earlier
Browsers	Internet Explorer 6.0 (Windows XP SP2) and earlier browsers, Safari 3 (Mac OS X 10.4) and earlier browsers, Google Chrome 1 to 37 (some OSs that include Windows XP SP2)

 

About the end of support for SSL 3.0 communication encryption

As the Mizuho Financial Group is tightening security, connections using SSL 3.0 communication encryption, which has been reported to have a vulnerability, will be terminated.
After the termination of SSL 3.0, use of the service from environments that do not support TLS 1.0 or above (the successor to SSL 3.0) will no longer be possible.

When will support for SSL 3.0 end?

Between Wednesday, May 18, 2016 and Thursday, May 19, 2016 (Japan time)
Please be advised the schedule is subject to change due to the status of the operation.

Targeted services

• News Release E–mail Distribution Service
• "Integrated Report" Questionnaire
• Stock Price

Environments that can no longer be used

• Those that use Internet Explorer 6 or earlier browsers
• Those that have TLS set to OFF due to browser security settings

Changing settings

For Internet Explorer

Follow the procedure below to enable TLS 1.0, TLS 1.1, and TLS 1.2.
TLS is enabled by default in Internet Explorer 7 and later, thus unless you have changed the settings, you can connect via TLS. It is also recommended that you disable SSL 3.0, in order to further tighten security.

On the Internet Explorer [Tools] menu, click [Internet Options].

On the [Internet Options] dialog box, click the [Advanced] tab.

Under the [Security] category, clear the [Use SSL 3.0] check box and select the [Use TLS 1.0], [Use TLS 1.1], and [Use TLS 1.2] check boxes.

Click [OK].

Exit and then restart Internet Explorer.

Other browsers

• For Firefox and Google Chrome
  Firefox and Google Chrome support TLS, while Firefox 34 & later and Google Chrome 40 & later Web browsers cannot connect via SSL 3.0.
  To the Firefox website
  To the Google Chrome website
• For Safari (Mac OS X)
  Safari (Mac OS X) supports TLS. The SSL 3.0 vulnerability has been patched in OS X Yosemite v10.10, and a software update is available to patch the SSL 3.0 vulnerability in OS X Mountain Lion v10.8 and OS X Mavericks v10.9.
  About Security Update 2014–005
  About the security content of OS X Yosemite v10.10