We've upgraded our servers and regenerated any cpanel / dovecot / ssh keys. do our customers also need to regenerate a CSR and SSL certificates?
I've not seen any information on this aspect of things.
Thanks
We've upgraded our servers and regenerated any cpanel / dovecot / ssh keys. do our customers also need to regenerate a CSR and SSL certificates?
I've not seen any information on this aspect of things.
Thanks
According to this thread on Unix/Linux SE,
And this answer on Security SE:
And this thread on Serverfault SE:
So yes, I strongly suggest you change any and all keys/certificates. I also recommend reading those threads in their entirety as well as some of the threads they reference. There's quite a bit of information on the bug spread across Security and Serverfault SEs.