Steps to Success:
1.Identify if your web servers are vulnerable (running OpenSSL versions 1.0.1 through 1.0.1f with heartbeat extension enabled). Use our SSL Toolbox to detect this. If you’re running a version of OpenSSL prior to 1.0.1, no further action is required.
2.If your server is impacted, update to the latest patched version of OpenSSL (1.0.1g), or recompile OpenSSL without the heartbeat extension.
3.Generate a new Certificate Signing Request (CSR).
4.Reissue any SSL certificates for affected web servers using the new CSR (do this after moving to a patched version of OpenSSL).
5.Install the new SSL certificate and test your installation.
6.After the new certificate is successfully installed, revoke any certificates that were replaced.
7.Website administrators should also consider resetting end-user passwords that may have been visible in a compromised server memory.
8.Always refer back to the Knowledge Base for more information