Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification.
The "Security/Heartbleed" page has been changed by SebastianBazley: https://wiki.apache.org/tomcat/Security/Heartbleed?action=diff&rev1=4&rev2=5 Comment: Remove unintentional line break 1. Re-key your server. This means creating a new RSA or DSA server key, creating a new CSR for your Certificate Authority, and applying for a replacement certificate. All CAs allow for the revocation of a server certificate due to “key compromise” which is exactly the reason for the re-keying of your server. You should be able to obtain a replacement certificate at no charge, though free-certificate providers may charge a fee for revocation/replacement. + 1. Revoke any certificates that might have been compromised. This does not guarantee that the old certificate cannot still be used in MITM attacks, as most browsers don't check revocations in a timely fashion (if at all). However it should help to catch some attacks. - 1. Revoke any certificates that might have been compromised. - This does not guarantee that the old certificate cannot still be used in MITM attacks, as most browsers don't check revocations in a timely fashion (if at all). - However it should help to catch some attacks. == Is there anything else I need to do? == --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
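Review bot: The rejoined "+ 1. Revoke any certificates that might have been compromised." item overlaps with the preceding "Re-key your server" item, which already brings up revocation for "key compromise", and it never says which certificate is meant. Suggest stating in the item that the certificate to revoke is the one issued for the old server key, with "key compromise" as the reason, so the two steps read as a sequence rather than as alternatives. Minor style point in the same line: "However it should help to catch some attacks" needs a comma after "However".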