WoSign provides emergency support of free replacement against OpenSSL heartbleed bug
2014-04-08Both domestic and foreign experts pointed out that the OpenSSL heartbleed bug can not only steal confidential data of websites but also steal the private key of SSL certificate in server, which will be disastrous.
To help all the websites that have already deployed SSL certificate prevent from encrypted certificate being stolen, WoSign, the only licensed domestic CA that can completely replace foreign CA, promises to provide free replacement service within 10 minutes no matter from which CA your SSL certificate was issued.
It only takes you 2 minutes to register and then you can apply for certificates of any security level online, including EV certificate, the highest security level with green address bar. We also provide free SSL certificate with one year validation period. If the certificate is not free, we can give you a special treatment of one month payment days in case of emergency. You can first get the certificate to meet the urgent need and make the payments later.
Online application website for WoSign digital certificate: https://buy.wosign.com , helpline: 0755-86008688.
Click here to learn about the comparative advantages between WoSign and foreign brands certificates. Our speed of certificate revocation list query is ten times faster than foreign brands.
Special instruction: WoSign SSL certificate products are of high security. OpenSSL bug is independent of SSL certificate product quality.
WoSign strongly recommend all websites that have deployed SSL certificates to first check if the website has this bug and then upgrade and renew the certificate. Specific steps are as follows:
1) Detecting loophole: http://wangzhan.360.cn/heartbleed/
2) Upgrade: If the bug has been detected, you can upgrade OpenSSL to 1.0.1g version. If you fail to upgrade immediately, you can use –DOPENSSL_NO_HEARTBEATS to recompile. The problem of 1.0.2 will be fixed in the version of 1.0.2-beta2.
3) Renew SSL certificate: It is highly possible that the private key of SSL certificate in your server has been stolen. To ensure the security of SSL certificate's private key, we suggest you to apply for reissuance of new SSL certificate (new private key) and install it in the affected server. Then you can ask for revocation of the original SSL certificate, which is very likely to be stolen.