How to revoke a "hijacked" certificate

The use case is as follows: I registered the domain schockauth.org on Namecheap and delegated the DNS to the DigitalOcean DNS system. Unfortunately I did not register the domain in the DigitalOcean management system. Another DigitalOcean user did register my domain and, by having the DNS authority, was able to create a certificate with Let's Encrypt.

I noticed the problem when trying to register the domain with the DigitalOcean management system and it was refused as already being in use. This latter problem was easily resolved as I can prove that I own the domain, but the existing Let's Encrypt certificate is still around.

I would like to trigger a revocation process for this certificate and would need some guidance on what the process would look like. I guess a simple certbot revoke will not do the job, since certbot does not know the certificate to start with.

Please see:

If you currently have control over the hostname, you could use the steps under the paragraph "Using a different authorized account". It explains all the steps.

3 Likes

You might also be able to use this Let's Debug tool. I have never used it personally but it describes your situation exactly.
https://tools.letsdebug.net/cert-revoke

4 Likes

Thanks a lot for the fast replies. The revocation chapter under the paragraph "Using a different authorized account" describes the situation well.

5 Likes
