Ahh - you’re absolutely right - they’re still using SHA1 . Interesting indeed!
The only reasonable explanation I can think of is that newer algorithms are not supported by older systems. Since DO is a low budget provider I’d speculate a fair amount of their customers still use old systems.
Yes, they could run 2 certificates for old and new browsers but that doesn’t work on nginx afaik.
Also DO is now on cloudflare - no idea how that complicates things.
Either way they still have time until January 2017 to find a solution before Google goes bezerk on them.
Speaking of Google and Chrome in particular (since you seem to be concerned about security)
First rule on the internet: never use any google products - never ever - period
Since there is no substitute for the quality of google search results (speaking after months of painfull experiences using DuckDuckGo and similiar crappy engines) you can use https://startpage.com