[TYPO3-typo3org] SSL certificate expiring in two weeks
steffen.gebert at typo3.org
Fri Apr 11 13:46:00 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
as we are running Debian Wheezy on several servers, yes, we were
vulnerable to the Heartbleed attack.
There was the plan to publish a statement about how we were affect, I
admit that I don't know the current status, as I haven't had so much
spare time the last days.
The new certificate was installed about at the same time as the
updates were installed. However, we found a component (our Chef
server) that was still running a vulnerable version, as it brings its
own openssl library.
Therefore our team generated a new key this morning, the CSR was afaik
already sent and we will rollover to another new cert during during
the next couple of hours (and then revoke the old certificate).
TYPO3 Server Administration Team Member
TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
My wish list:
On 11/04/14 12:43, Stephan Großberndt wrote:
> while reading about SSL certificates...
> Have any typo3.org servers been compromised by the heartbleed bug?
> Regards, Stephan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the TYPO3-team-typo3org