Manage domain

Buy domain




CloudfloorDNS Knowledgebase

home ->

SSL certificates

Search the knowledgebase  
 

 

Article ID : # Last review : 2009-04-16 00:00:00
#5351

I get the error The CSR uses a key that is believed to have been compromised!

 

I get the error "The CSR uses a key that is believed to have been compromised!"

You may seen this error if you generated your CSR from a version of Linux (debian derivatives) that use a version of openssl with a vulnerability. This version of open SSL was found to be predictable, and this makes any SSL certificate generated off these versions of Linux a security risk. CSR's submitted to the certification authority are now checked to see if they appear vulnerable before issuing.

If you receive this error it does mean you are most likely using a vulnerable version of openssl. Debian has released updates to resolve this issue. Please update your open ssl, regenerate your CSR, and re-submit your request.

The security notice for debian regarding this can be found at http://www.debian.org/security/2008/dsa-1571

   
 

So that we can improve our search results, please let us know, did this help you? YES | NO

Please note that all articles are the property of Microtech Limited and must not be re-produced without express written permission


Subscribe to kb news feed