Door Anoniem: niet, het certificaat is niet gecompromitteerd maar de verwerking van de gedecrypte data staat in een 64k toegankelijk geheugen. Alleen als je known text aanval vermoed is het handig je cert te updaten.
Het is zeker nodig om beide te vervangen, de keys en de certs die ermee gesigned zijn volgens heartbleed.com:
What is leaked primary key material and how to recover?
These are the crown jewels, the encryption keys themselves. Leaked secret keys allows the attacker to decrypt any past and future traffic to the protected services and to impersonate the service at will. Any protection given by the encryption and the signatures in the X.509 certificates can be bypassed. Recovery from this leak requires patching the vulnerability, revocation of the compromised keys and reissuing and redistributing new keys. Even doing all this will still leave any traffic intercepted by the attacker in the past still vulnerable to decryption. All this has to be done by the owners of the services.