Reminder: Your Third Part Certificates May Need Replaced

If you have certificates issued from one of the major Certificate Authorities, you may have received an email as a follow-up to the ongoing issue with Debian and Ubuntu OpenSSL certificate generation.

Per Verisign's letter:

If you are running Debian operating systems and derivatives (such as Ubuntu) released between September 17, 2006 and May 12, 2008 you should deploy a recently replaced Debian patch and revoke and replace all SSL and Code Signing certificates for which the keys were created on these operating systems.

It looks like Thawte and Verisign are replacing certificates at no charge - and Comodo is using it as an opportunity to attract more customers by offering to replace other's certificates free of charge.