I had generated the CSR with OpenSSL. Do I need to regenerate a new CSR with no vulnerability due to OpenSSL in order to obtain a new certificate from a CA?
Asked
Active
Viewed 134 times
0
-
Yes. Otherwise you're using the same key, which defeats the purpose. – tylerl Apr 12 '14 at 18:44
1 Answers
0
There is no problem with CSR's generated with a vulnerable version of OpenSSL.
This doesn't mean your keys were not compromised via an actively running server, but it sounds like you understand that.
David Houde
- 5,504
- 1
- 27
- 22