Heartbleed Bug – don’t panic

It recently came to light that there was a serious programming error within OpenSSL, an open source security feature. There is a risk this may endanger encryption keys and data of SSL connections on the Internet. Basically, this allows anyone to read out the memory of vulnerable servers. Specifically, this means an attacker can read keys, passwords and other private information.

Our main server did not have the affected version of OpenSSL installed therefore our client websites are safe. Our email server did have the affected version of OpenSSL installed and therefore was patched on Tuesday morning as soon as the vulnerability was announced. We have also reissued our SSL certificate used by our client to secure customers’ data.

If a SSL certificate is reissued you might receive a “Certificate cannot be verified” error message. To solve this, click Show certificate and then tick the “Always trust” checkbox. Our certificate is in the name of “extendcp.co.uk”.