How do I get ownership of my SSL Cert with you guys?

jaycee · October 6, 2021, 7:39pm

We currently use Zendesk who used your platform to generate an SSL cert us.
How do we get access to this cert with you guys?
I've just created an account and don't see any support numbers to contact someone on your support team.

Please advise.
-JC.

Osiris · October 6, 2021, 7:40pm

All certificates are public, because they are send to multiple certificate logs. For example, you can search for your certificate at https://crt.sh/

griffin · October 6, 2021, 7:42pm

Welcome to the Let's Encrypt Community, Joe

You might want to read about the ACME process to understand how your certificates are coming into being:

petercooperjr · October 6, 2021, 7:43pm

There is no "support team", other than random people who like helping each other out on these forums.

The "subscriber" for a certificate is whichever entity has the private key, so if Zendesk made the certificate then it's probably with them being the subscriber.

What "access" are you looking for, exactly? I don't really understand your question.

griffin · October 6, 2021, 7:44pm

rg305 · October 6, 2021, 8:51pm

Presuming "cert" means both the public cert and the private key to decrypt with.
You could also get a new one (they are FREE).
[If Zendesk won't release the one they have of yours]

But the bigger question is what do you need "this" cert for?
Or do you just need a similar one to use elsewhere?

jvanasco · October 6, 2021, 9:05pm

You have two options:

Ask ZenDesk to provide you with the Certificate/Chain + PrivateKey
Forget about the ZenDesk Certificate and generate a new Certificate. The easiest way is to follow the directions on https://certbot.eff.org/

If you need to revoke the ZenDesk certificate, you can obtain a new Certificate and use that to revoke the old one. Certbot has instructions on how to do that.

LetsEncrypt isn't like commercial SSL Certificate resellers, where there is a customer portal that allows you to re-download an issued Certificate + Key. It is a (mostly) automated API system; while the Certificates are publicly shared (see links above), the Private Keys are generated on the client computer and never leave it -- they can not be recovered.

orangepizza · October 6, 2021, 9:55pm

unless they use multi-tenant certificate; I think LE require All of SANs to be authed to revoke a certificate without its private key or account it ordered from

griffin · October 6, 2021, 10:11pm

I don't see a critical need to revoke the certificate in this case. If the private key under Zendesk hasn't been compromised, just abandon the certificate under Zendesk to expire naturally and generate a new one away from them.

system · November 5, 2021, 10:11pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.