Am 09.04.2014 19:10, schrieb Reindl Harald: > > Am 09.04.2014 19:03, schrieb Robert Schetterer: >> Am 09.04.2014 18:42, schrieb Charles Marcus: >>> What are the ramifications of changing this on a production server? Any >>> possible problems/gotchas? user impact? >> >> in my understanding change ssl key and crts , do all needed ssl updates >> keep performance mode, if unsure change all passwords too > > passwords too, in security mode only keys would have been > affected and since this is a attack which no single > indication that it ever happened on a machine there > is no likely or unlikely
there should no issue if you havent used vulnerable openssl version i.e ubuntu lucid has 0.9.x which is not reported vulnerable anyway ,change passwords from time to time is always clever > > > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein