[BlueOnyx:15151] Re: OpenSSL CVE-2014-0160 (best practices)

[Chris Gebhardt - VIRTBIZ Internet]

Hi Michael,
Thanks for the extensive write-up.   Based on my interaction with 
various other control panels so far this week, it's safe to say that 
BlueOnyx appears to be leading the pack with the eye towards proactive 
information & remediation.

We've been assisting our customers on an as-available basis with the 
mop-up.  I should note that we don't really provide sysadmin services as 
an actual product at VIRTBIZ, but obviously we want to help out whenever 
possible.

On 4/8/2014 6:06 PM, Michael Stauber wrote:
> Yes, this is a lot of work. In the cases where you have to buy new SSL
> certificates it'll also cost money. Think about it and draw your own
> conclusions if it's worth the effort or not. Your answer might be
> different than mine.

In most cases, externally-validated certificates that have been 
purchased through us can be re-issued at no cost based on a new CSR. 
The certificate expiration date will remain the same and won't be 
extended, of course.   (If you're our customer and this applies to you, 
just open a ticket if you'd like our help with this.)

I mention this in the event that it's helpful for anyone currently 
wringing their hands over the cost of a replacement cert.  You may want 
to check with your provider as there may be a similar option for you.

Thanks,
-- 
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated
www.virtbiz.com | toll-free (866) 4 VIRTBIZ