GlobalSign Blog

11 Apr 2014

3 Tips to Replacing your Certificates in response to Heartbleed

Your IT department may be scrambling to replace any and all certificates that were potentially compromised by the Heartbleed bug. Here are 3 things you should know when reissuing certificates:

1. All Globalsign Certificates are reissued for free with no charge for rekeying.

While some CA's may charge you to rekey, GlobalSign provides this service to all of our customers free of charge. This has and will continue to be our policy for all of our customers.

2. You should be reissuing with a new private key

Reissue your certificates with a new private key, since the original one may have been compromised. We offer free reissuance to all direct SSL customers. Here's how:

1. Generate a new private key

2. Generate a new CSR - If you use GlobalSign's AutoCSR option, a unique keypair will be automatically generated upon reissue.

Use GlobalSign's free CSR tool to generate the appropriate command line for each of your applications.

3. Install and test the new certificate before revoking the old certificate.

Be sure to check out today's article that goes into detail about Heartbleed, reissuing private keys, patching servers, and more.

3. If your CA is charging for rekeying, it may be time to consider other options.

If you're evaluating your CA, now is a great time to consider GlobalSign. We will never charge you for rekeying or reissuing Certificates. Switching to GlobalSign is hassle free, we'll provide you with a 30% discount and include all the remaining time on your current certificate plus additional time when you switch! See our offer today.

Share this Post

Subscribe to our Blog