Someone registered a cert for my domain they dont own

It appears that someone has registered my domain that I own in letsEncrpted and created a certificate, What is the process for me to delete the cert that they created? Thanks!

Domain Validated certificates (like Let's Encrypt provides) are issued on the basis of control, not ownership. It’s likely that your hosting provider or site designer had the certificate issued.

Our documentation provides more details about how we validate control of domains: Challenge Types - Let's Encrypt

If you do wish to revoke a certificate, here are instructions: Revoking Certificates - Let's Encrypt

If you wish to exercise more control over validation, we recommend adding CAA records: DNS Certification Authority Authorization - Wikipedia


While I understand what you're saying, in my example that is not the case for us.

This is clearly fraudulent.

We don't have a site designer. Also, our host provider does not have anything to do with the FQDN that this cert has used for the common name. Also the common name has nothing to do with our business.

Also, we cant revoke the cert. The article you pasted states. "If you did not originally issue the certificate, but you have a copy of the corresponding private key, you can revoke by using that private key to sign the revocation request."

We dont have a copy of the private key because we never did this.

How can we revoke this ? We can prove that we have control of our domain.

Revoking Certificates - Let's Encrypt (

If you provide the FQDN, we may be better able to assist you.


Also note that CDNs like Cloudflare will also issue certs for hostnames configured to use their CDN.

But I agree with my fellow volunteer above: having a hostname to double check would help a lot.


By definition it's not possible for someone to request a certificate for your domain if you haven't somehow given them control over that domain or subdomain (either via http or DNS). So you either pointed DNS at their server or they have access to update your DNS records.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.