FAQs

A compromised private key allows attackers to impersonate your website. 

Revoking the certificate invalidates it in browsers and prevents trust misuse. 

• On your server or device:  

• Create a new private key. 

• Generate a new CSR (Certificate Signing Request) using the new key. 

• Do not reuse the compromised key. 

• Navigate to: Login - Sectigo 

• Enter your credentials. 

• Go to Orders → Select Certificate → Revoke. 

• Provide a reason: Private Key Compromised. 

• Confirm the revocation request. 

• 

• After revocation, click Reissue. 

• Upload the new CSR generated in Step 1. 

• Complete domain/organization validation if required. 

• Download and install the new certificate. 

• Revocation is permanent; the old certificate cannot be reinstated. 

• Reissue is free during the certificate’s validity period. 

• Notify your security team and update any systems using the old certificate. 

• Use strong encryption (RSA 2048+ or ECC). 

• Store private keys securely (preferably in an HSM).