Major browser vendors are taking steps to phase out SHA-1 signed certificates. OES certificates signed with SHA-1 should be replaced with certificate signed with SHA-2 to avoid warning messages to be displayed in browsers.
Section 12.1, Configuring SHA-2 Certificate
Section 12.2, Verifying the Certificates with SHA-2 Signature