Heartbleed security implications for Service Providers

Aaron Scruggs ascruggs at academicworks.com
Wed Apr 9 16:34:28 EDT 2014

As a service provider who was using a version of openssl that had the
heartbleed bug, what actions should I take to ensure that my shibd daemon
is not vulnerable?

Any general advice is greatly appreciated.  Additionally, I have a few
specific questions:

Do I need to recompile shibd against a new version of openssl or is simply
upgrading openssl on the server good enough?

Do I need to rekey any certs?  Some that come to mind are my Signature cert
and my CredentialResolver key & cert.

Aaron Scruggs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140409/7e7a261a/attachment.html 

More information about the users mailing list