Revocation of the certificate


#1

Good evening,
I am a beginner in IT. I recently set-up a server in my house to host a website.
I asked for a certificate one month ago.
This morning, just for fun i thought i would reset the all thing -erasing and reinstalling- so now the certification public and private keys are gone.
Now i can’t login in the user interface of my server because firefox do not let me add a security exception
I have read this :
https://letsencrypt.org/docs/revoking/ and installed certbot but i more or less understand their are not many chance to revoke the certificate without the keys.
Is their anyway i revoke the certificate without any key or do i have to wait 60 days to reach the 90 days for the certificate not to be renewed ?
Thank you for the time you will take to reply

My domain is: pigeonsrapides.fr

My web server is (include version): brique internet / olimex lime2 ARM

The operating system my web server runs on is (include version): (was) Yunohost 2.7.1

My hosting provider, if applicable, is : myself
My domain name is registered at godaddy

I can login to a root shell on my machine (yes or no, or I don’t know): not anymore

I’m using a control panel to manage my site (no,.


#2

First off, this is not a reason to revoke the certificate. That’s only needed if the private key has been compromised - it has not effect on rate limits or anything.

You can issue a new certificate at any point (inside the max attempts for the various rate limits - up to five duplicate certificates in seven days being the first one to watch for) by just following the same process you used to issue this initially.


#3

Thank you.
but as firefox says :
This website uses HTTP Strict Transport Security to tell firefox to only establish secure connexions. Therefore it is not possible to add an exception safety for this certificate.
Ce site a recours à HTTP Strict Transport Security (HSTS) pour indiquer à Firefox de n’établir qu’une connexion sécurisée. Ainsi il n’est pas possible d’ajouter d’exception pour ce certificat.
How can i logg in the user interface of the server ?


#4

Can you administer the server via a command line, using an ssh client?


#5

If you can use Chromium/Chrome instead of Firefox, you can type in thisisunsafe at the HSTS error screen to bypass it. (Before Chrome 65, you need to type badidea).


#6

Good Morning,
Thank you for telling me it was not a certificate problem.
not sure it is of interest but if anybody has the same problem here is how to get rid of this problem with firefox :
delete all appearance of the adress in the history
CLOSE FIREFOX IF NOT HE REWRITES the MODICATIONS
find the folder SitesecurityService.txt in the profile folder Mozilla/firefox
open it and delete the lines corresponding to the problematic adress
restart firefox
Thank you for your help and sorry for taking the wrong direction :slight_smile:


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.