The in-house developer for our corporate website and microsites left and he will not provide the username/passwords to the back-end. In the meantime, the certificates have expired because his email address was deactivated and we were unable to renew.
Is it possible to transfer ownership of the account and change the email address so that we can renew the certificates every 60 days?
Thank you for the quick response. Unfortunately, the developer who left not only locked us out of the PC he connected to the server with a SSH key, he will not give us the root password or FTP credentials. We are in the middle of litigation to resolve this. But what do I do in the meantime?
I have to ask this first: Have you tried paying/bribing the former employee to provide you with this information?
The only times I’ve seen issues like this happen in the past:
a company defaulted on paying contractors
an employee was fired, treated badly or forced out by a bad relationship
In both those types of situations, the former employee wasn’t motivated to do any more work for their former employer. Lawyers can send threatening letters and even file suit, but it often makes a situation worse and doesn’t work well in the end.
You can contact Digital Ocean to have the hosting account switched to someone at your company if it is not already. A new developer should be able to gain root access through their control panel and reset the passwords.
Overall, if the certificates aren’t auto-renewing on the server, you won’t be able to renew them in production unless you can get into the server or replace the server with another server. There’s never a way to unilaterally renew certificates from the CA side; the renewal is a new certificate issuance which always has to be requested. While a new certificate can potentially be requested using a different server, it can’t be installed on the live server without administrative access to that server.
Sorry, formulation was not super clear from the first sight. The best option would be accessing Digital Ocean control panel, restore access and re-configure certificates. Here is a screenshot where you can receive new password.
Thank you, everyone, for your help. We ended up hiring a consultant to access the server and renew the certificates. All is well and we can pivot now to deal with GDPR issues.