Fix Heartbleed Bug (Ubuntu)

I’ve had to mitigate the effects of the recently discovered Heartbleed bug on two Ubuntu servers. It’s actually very easy to fix. Unfortunately most articles out there have a lot of technical fluff and drone on about version numbers and such. So here’s the short version of how to fix Heartbleed on Ubuntu (this should work for most other server OSes too).

  1. sudo apt-get update && sudo apt-get upgrade will update and upgrade your packages including OpenSSL (non-Ubuntu users just use your package manager – by now all the major OSes have patched OpenSSL versions in their repositories)

  2. Now check to make sure you have the fixed version by running openssl version -b. If you see the date as April of 2014 you’re good to go.

  3. Generate a new CSR and key file, send it to your SSL provider, and ask them to reissue your certificates.

  4. Install the new SSL certificates.

That’s it. Enjoy the rest of your day.

I had to do this because was vulnerable to Heartbleed but now it’s fixed. I had trouble sifting through all the noise so hopefully this is helpful to someone like me.

Server administration, Web development

« Installing Comodo Positive SSL Certs on Apache and OpenSSL Create a Weather App with Sinatra and AngularJS - Part 1 »