Major browser vendors are taking steps to phase out SHA-1 signed certificates. OES certificates signed with SHA-1 should be replaced with certificate signed with SHA-2 to avoid warning messages to be displayed in browsers.
Section 11.1, Configuring SHA-2 Certificate
Section 11.2, Verifying the Certificates with SHA-2 Signature