Support

Guides, Articles and Frequently Asked Questions






  Index | General

Heartbleed bug and EuropeanSSL - How to make your SSL encrypted page safe again.


As you may know, a recent vulnerability known as "heartbleed" has been discovered in OpenSSL through which an attacker could theoretically gain access to the private keys of SSL certificates.

We recommend a timely check of the web server.

Please make sure that the OpenSSL version used there needs to be updated. The exchange (REPLACE) of the SSL certificates set up on the servers is advisable in any case, since the server does not have to be affected by this security gap, but the keys of the "old" certificates and other data could be read from the memory if the certificates are not exchanged.

Please note that the security hole in the web server tool OpenSSL occurs, the used EuropeanSSL certificates are of course still absolutely trustworthy.

 

Of course, you can exchange your current SSL certificates free of charge. Proceed as follows to do this.

  • Update OpenSSL and make sure that the vulnerability no longer exists.
  • Remove the certificate completely from your server.
  • Create a new CSR
  • Log in to your EuropeanSSL account and call up the certificate.
  • Click on the button "Modify".
  • A small popup window opens in which the currently stored CSR is displayed. Please overwrite the existing CSR with the newly generated one and confirm the changes by clicking the "Change" button.

Please note that the validation of the certificate becomes necessary again with a REPLACE. After you have confirmed the Approvermail, the certificate will be reissued to you. We are happy to help you with this. Please send us the CSR unformatted by email to our support address. We will be happy to reissue your certificate.

You will find further information about this security gap, together with further technical details, at: http://heartbleed.com/

 

With the following information you can quickly and reliably check whether your server is affected.

Affected OpenSSL versions:

  • 1.0.1 up to and including 1.0.1f.

Not affected OpenSSL versions:

  • 1.0.1g
  • 1.0.0
  • 0.9.8

The release of OpenSSL 1.0.1g on April 7, 2014 closes this bug.

 

Is my site affected?

You can test whether your site is affected using various reliable tools, such as http://filippo.io/Heartbleed/.

 

How do I fix the problem?

Every system that uses one of the above mentioned affected OpenSSL versions needs to be updated with a patch. OpenSSL itself has released a patch which you can find on the official website : https://www.openssl.org/

Please note: It is mandatory to update the OpenSSL software before you exchange the EuropeanSSL certificates on the server.


Was this article helpful?




This site makes use of cookies to enhance browsing experience and provide additional functionality. By continuing to browse this website you are agreeing to our use of cookies. OK