maybe I'm already good? Qualys SSL Labs - Projects / SSL Server Test / phcorner.net Still the root cert is still SHA1.