Heartbleed - Centos 6.5, Apache - should I recreate pair of default certificate and key

Question

I am using Centos 6.5, Apache 2.2.15 with SSL. Due to heartbleed I have updated openssl to release 16.el6_5.7 and I have restarted the httpd service. I am using default Apache certificate and key:

*/etc/pki/tls/certs/localhost.crt

/etc/pki/tls/private/localhost.key*

So my question is: after updating openssl should I create new pair of certificate and key or is it safe to use default?

Thank you.

score 0 · Accepted Answer · edited Apr 13 '17 at 12:14

0

Replace the certs and keys which were made with the old openssl version as soon as possible. And read the thread mentioned by MadHatter

edited Apr 13 '17 at 12:14

Community

1

answered May 04 '14 at 08:33

b13n1u

980
9
14

Ok, thank you. For now it is not production server. I have it for my personal usage. I read the thread mentioned by MadHatter. – teo May 04 '14 at 09:01

Heartbleed - Centos 6.5, Apache - should I recreate pair of default certificate and key

1 Answers1