Ok, so I updated my OpenSSL on my AWS EC2 server (in order to avoid the heartbleedbug) from v1.0.1c to v1.0.1f . I had to compile it from source and install it. I restarted the server , everything works A OK and openssl is showing the latest version that was released on 7 April 2014. So that's all fine and well, however, I have a security certificate from thawte and when I do the vulnerability test from their website tools, they say that I am still vulnerable.
Does this mean I have to reissue and regenerate my key and certificates ? Or is it just a caching issue from their side ?
Any ideas ?
Yes, you need to reissue your certificates. That's the whole point of patching your vulnerabilities. Recompiling OpenSSL will do you no good unless you are using the
opensslexecutable.