AnsweredAssumed Answered

Vulnerabilities in OpenSSL 1.0.2h

Question asked by Elavarasan K on Sep 25, 2016
Latest reply on Oct 10, 2016 by Matthias Wächter

We are using OpenSSL version 1.0.2h for creating self signed certificates. Recently there are vulnerabilities reported in 1.0.2h version. Is it really necessary to upgrade to 1.0.2i version even if we are using OpenSSL for creating self signed certificates?

 

Command used to generate self signed certificate:

>openssl genrsa -out privkey.pem 2048
>openssl req -new -x509 -sha256 -key privkey.pem -out certificate.pem -days 3650 -multivalue-rdn -config openssl.cfg -subj "<my subject>"

Outcomes