Over the last week Google announced that they were going to stop supporting the SHA-1 algorithm for signing certificates.
Because of this I have created a couple of posts explaining how to migrate to SHA-256 based signatures.
Since I wrote those pages other security companies have started to post their own migration strategies.
In addition, all the major Certificate Authorities (CA) have started providing customers information specific to their services. So if you have certificates already, then contact your CA for further migration help.