The internet is buzzing with the recently discovered SSL Heartbleed vulenerability. At DNSimple we are working hard to patch all our systems and help our customers protect theirs.
We are preparing updates to OpenSSL on all of our systems. This deployment will be completed before we begin reissuing certificates. In the meantime we recommend holding off purchasing new certificates.
In addition, we are developing a feature that will allow our customers to reissue their SSL Certificates. It will be released later today as well. An announcement will be made on this blog when it is available.
The reissued certificate will be a brand new certificate, created from a new certificate request. If we generate your CSR, then we will also generate a new private key.
Unfortunately, since the Certificate Authorities will likely be overwhelmed with reissue requests, reissuing certificates may take some time.
We will update regularly on the status of our systems regarding this issue. If there is anything in particular that you want to know that we haven't covered here don't heasitate to contact us on our support channel: firstname.lastname@example.org.
- 14:00 GMT: We have started deploying patches to all our affected systems.
- 14:22 GMT: The DNSimple sandbox and production systems are patched and are no longer vulnerable.
- 17:15 GMT: We have updated our production certificates. Our sandbox environment's certificate has not yet been updated.
- 17:26 GMT: We are testing the SSL reissuing system.
- 20:00 GMT: The SSL reissuing system is available for everyone. Please, follow the instructions on our support page.
- 20:20 GMT: A validation error is occurring when customers attempt to submit reissue requests. We are working on a fix. Please, be patient.
- 21:20 GMT: The validation problem has been fixed. Reissuing system should be working as expected.
- 23:00 GMT: There are still customers reporting failures with the reissue feature. We are investigating. Further progress will be reported via our status page