I have already discussed Heartbleed in detail and have provided instructions on how to close the hole on affected server. Now that the hole is closed the final step is changing your server’s private key and “re-keying” your SSL certificates. Re-keying simply involves creating a new certificate signing request and sending it to your (most likely) external certification signing authority. Once received, they should send you an updated key pair. The last step will be telling your application that uses SSL (in this case, and many others Apache) to use the new keys. Lets dive in!
(more…)

Heartbleed was a major vulnerability in the SSL protocol used by many many sites and services. Folks have been scrambling to patch it up quickly since it was announced a few days prior.

If you are in the process of doing just that for yourself or your organization, you might be so busy fixing websites and webservers that you forget about other services that also make use of the OpenSSL protocol.

One such service, OpenVPN. Particularly “Access Server” as it has a client-facing Web front-end. Luckily, there is already a new version of access server released and updating your existing servers is quite simple on most Linux distributions.
(more…)