Heartbleed Update: Regeneration Still the Safest Path
For the past few days, we’ve been investigating the OpenSSL vulnerability known as Heartbleed, looking for ways to remediate in a way that’s both safe and less onerous.
Taking the most conservative approach, we believe the safest, most secure method remains regenerating your certificate authority and all OpenSSL certificates throughout your Puppet-managed infrastructure. We have made some small changes to the procedure to make it both safer and a little easier — safer in the sense that the process itself is more fail-safe.
Visit the Puppet Labs Heartbleed Remediation Overview page for links to the most up-to-date remediation steps appropriate for your infrastructure and platform.
We hope to have more for you in the next few days. Stay tuned.