As you may know, a recent vulnerability known as "heartbleed" has been discovered in OpenSSL through which an attacker could theoretically gain access to the private keys of SSL certificates.
Please make sure that the OpenSSL version used there needs to be updated. The exchange ("REPLACE") of the SSL certificates set up on the servers is advisable in any case, since the server does not have to be affected by this security gap, but the keys of the "old" certificates and other data could be read from the memory if the certificates are not exchanged.
Please note that the security hole in the web server tool OpenSSL occurs, the used EuropeanSSL certificates are of course still absolutely trustworthy.
Of course, you can exchange your current SSL certificates free of charge. Proceed as follows to do this.
Please note that the validation of the certificate becomes necessary again in case of a REPLACE. After you have confirmed the approvermail, the certificate will be reissued to you. We are happy to assist you with this. To do this, please send us the CSR unformatted by email to our support address info@eunetic.com. We will be happy to reissue your certificate.
You will find further information about this security gap at: https://en.wikipedia.org/wiki/Heartbleed
Affected OpenSSL versions:
Not affected OpenSSL versions:
The release of OpenSSL 1.0.1g on April 7, 2014 closes this bug.
You can test whether your site is affected using various reliable tools, such as https://filippo.io/Heartbleed/.
Every system that uses one of the above mentioned affected OpenSSL versions needs to be updated with a patch. OpenSSL itself has released a patch which you can find on the official website : https://www.openssl.org/
It is mandatory to update the OpenSSL software before you exchange the EuropeanSSL certificates on the server.