Hacker News new | ask | show | jobs
by ef4 4450 days ago
What that tool says is irrelevant to the question of whether those certs have been compromised.

The risk is that before the vulnerability was patched, somebody used it to grab the private keys associated with the certs.
1 comments
singlow 4450 days ago
But what if the key was never used with openssl or heartbeat?
link
andreasvc 4450 days ago
Obviously that would be great, but a tool cannot check that.
link