My certificate private key was exposed .. what i should do

my computer was hacked and someone could have a look upon all my private files including my website details … how can I change my website certificate keys

My domain is: https://appsaraby.com

My web server is (include version): Nginx

The operating system my web server runs on is (include version): Ubuntu 16.4

My hosting provider, if applicable, is: not hosting provided … vps

I can log in to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): don’t know

# revoke cert, do this for every site you have
certbot revoke --cert-path /etc/letsencrypt/live/"domain"/cert.pem
# revoke account key and create new one
certbot unregister; certbot register
# get a new cert
certbot renew --force

but why don’t you use cloudflare origin CA if you use cloudflare?

3 Likes

Note that you might also want to reinstall (reprovision) your server image—if the attacker wanted to be able to get back in in the future, he or she could have left some kind of back door, for example by replacing some of the software on the system with a corrupted version.

1 Like

thank you … good idea i used cloudflare after while … maybe it is a good time to use their CA

will use old backup server image … thanks for the heads up

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.