How do I get ownership of my SSL Cert with you guys?

We currently use Zendesk who used your platform to generate an SSL cert us.
How do we get access to this cert with you guys?
I've just created an account and don't see any support numbers to contact someone on your support team.

Please advise.


All certificates are public, because they are send to multiple certificate logs. For example, you can search for your certificate at


Welcome to the Let's Encrypt Community, Joe :slightly_smiling_face:

You might want to read about the ACME process to understand how your certificates are coming into being:


There is no "support team", other than random people who like helping each other out on these forums.

The "subscriber" for a certificate is whichever entity has the private key, so if Zendesk made the certificate then it's probably with them being the subscriber.

What "access" are you looking for, exactly? I don't really understand your question.




Presuming "cert" means both the public cert and the private key to decrypt with.
You could also get a new one (they are FREE).
[If Zendesk won't release the one they have of yours]

But the bigger question is what do you need "this" cert for?
Or do you just need a similar one to use elsewhere?


You have two options:

  1. Ask ZenDesk to provide you with the Certificate/Chain + PrivateKey
  2. Forget about the ZenDesk Certificate and generate a new Certificate. The easiest way is to follow the directions on

If you need to revoke the ZenDesk certificate, you can obtain a new Certificate and use that to revoke the old one. Certbot has instructions on how to do that.

LetsEncrypt isn't like commercial SSL Certificate resellers, where there is a customer portal that allows you to re-download an issued Certificate + Key. It is a (mostly) automated API system; while the Certificates are publicly shared (see links above), the Private Keys are generated on the client computer and never leave it -- they can not be recovered.


unless they use multi-tenant certificate; I think LE require All of SANs to be authed to revoke a certificate without its private key or account it ordered from


I don't see a critical need to revoke the certificate in this case. If the private key under Zendesk hasn't been compromised, just abandon the certificate under Zendesk to expire naturally and generate a new one away from them.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.