OpenSSL / Debian (DSA-1571) security notice
Debian announced here http://www.debian.org/security/2008/dsa-1571 that some versions of OpenSSL, released between 2006-09-17 and 2008-05-12, on etch, lenny or sid (but not sarge), have a bug concerning the private key generation (not random enough). It affects Linux Debian and some distributions based on Debian (including Ubuntu, consult a list here) as some casing and appliances.
Updating OpenSSL on an affected platform is not enough to troubleshoot. All the private keys generated while the system was vulnerable, must be re-generated.
We are then asking the users of SSL certificates (server, client or code-signing) that have generated their private key via one of those systems to generate a new private key and CSR in order to request a free reissuance of their certificate. See below.
Note as well, that other componants than SSL are impacted such as OpenSSH and OpenVPN. More information on: http://www.debian.org/security/key-rollover/ and http://wiki.debian.org/SSLkeys
A about Ubuntu, see the USN-612-1 notice. Themost affected versions are 7.04 (Feisty), 7.10 (Gutsy), 8.04 LTS (Hardy).
The overall follow-up of this incident's impacts is assured under the reference CVE-2008-0166.
A tool detecting certificates using a vulnerable private key is available as a Firefox plugin here: http://codefromthe70s.org/sslblacklist.asp .
How to proceed?
- Determine if you are affected: check which version of Linux your are using and which you have been using since 2006-09-17. Enter:
head /etc/*release
- If you think you are impacted, or if you have a doubt, re-generate the keys; But first, make sure your OpenSSL version is up-to-date: set an update of your OS and /or consult the security notice of your distributuion.
openssl version
- Now regenerate the keys and request a free reissuance of your certificate, see Reissuance. To generate a private key and a certificate, see Generate a CSR for Apache
- Do the same for the other affected keys (OpenSSH, OpenVPN, etc.)
Other impacts
In order to prevent any ambiguity, this issue affects our customers systems who have to generate their own private keys. None of our systems, neither the system of our certification authority or of our suppliers certification authorities have been impacted by its incident. The security of the root is still guaranteed.
But if you have created internal certification authorities with OpenSSL and self-signed certificates, make sure you are not vulnerable!
Revocation of the affected certificates
We informed all our customers owning an affected certificate of their situation. Most of them have already reissued their certificates, and are still advising the other ones to do so.