- SSL Products
- My Account
On May 13, 2008, the Debian project announced that an update to Debian's OpenSSL package in 2006 contains a vulnerability that can weaken the system's random number generator, making SSH and SSL encryption and authentication predictable.
The vulnerability is specific to Debian and does not affect other non-Debian operating systems. However a non-Debian system can be affected if they are using cryptographic keys from an affected Debian system.
Debian has made a patch available, however the patch is only capable of preventing the vulnerability going forward and does not remove a previous occurrence. Therefore for those Debian systems starting with version 0.9.ec-1, it is highly recommended to recreate from scratch any cryptographic key material that has been generated with OpenSSL. For additional information on the vulnerability and information regarding the patch, please see the following Debian security advisory DSA-1571-1.
1. Download and install the Debian patch provided in the Debian security advisory DSA-1571-1.
2. Replace all affected SSL Certificates. GeoTrust® is providing revocation and replacement of SSL Certificates for a limited time at no charge for those GeoTrust® customer's affected by this vulnerability. When generating the new Certificate Signing Request, it is important to ensure the certificate information (Distinguished Name) is identical to the information on the existing certificate.
3. If you have a RapidSSL®, GeoTrust® or Thawte® SSL Certificate please visit the GeoTrust website by Clicking Here to use Issuance Insurance free of charge.
4. If you are unsure if you are affected, Click Here to use the weak key detector published by Debian.
Note : Free issuance insurance will only be granted to affected customers.
The products we offer are reliable, high quality and competitively priced. Trustico® includes a no risk refund guarantee on our SSL Certificate products. Within thirty days of order Customer may request a cancellation and full refund of a Customer qualifying SSL Certificate product for any reason. Our Refund Guarantee