8 Apr
2014
8 Apr
'14
10:44 p.m.
Be aware that your private key might already have leaked without any notice. So your best bet is to withdraw your certificates and renew all keys/certificates on the affected machines. Yes, I suppose by now everybody has read the general hints on heartbleed.com ; it might even be that previous traffic can be decrypted. You need to change private keys, certificates, etc, all that is used by openssl to identify the communication partner.
JC