Am 09.04.2014 19:10, schrieb Reindl Harald:
Am 09.04.2014 19:03, schrieb Robert Schetterer:
Am 09.04.2014 18:42, schrieb Charles Marcus:
What are the ramifications of changing this on a production server? Any possible problems/gotchas? user impact?
in my understanding change ssl key and crts , do all needed ssl updates keep performance mode, if unsure change all passwords too
passwords too, in security mode only keys would have been affected and since this is a attack which no single indication that it ever happened on a machine there is no likely or unlikely
there should no issue if you havent used vulnerable openssl version i.e ubuntu lucid has 0.9.x which is not reported vulnerable anyway ,change passwords from time to time is always clever
Best Regards MfG Robert Schetterer
-- [*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein