If you’ve ever mistakenly revoked a certificate for your secure server, you know what a nightmare it can cause. Suddenly your entire website is reporting a giant error message, refusing to allow visitors to look at it. The error message says you could have been hacked. You can easily lose thousands of visitors an hour because of this.
I did this by mistake because my certificate list drop-down on my IIS binding field was getting long and confusing. I just wanted to clean out some of those certificates. I thought revoking them was the way to get them off the list.
I was wrong.
Never, ever revoke a certificate unless you really DID get hacked and need to take your site down. It’s a drastic thing to do.
Here’s how to repair a situation with a revoked secure server certificate.
First, breathe. This can be fixed. Hopefully my hours of hell will get you through this solution more quickly.
Second, you need to DELETE the existing bad revoked certificate. That certificate exists on YOUR SERVER. So the way you find and delete it is via your server’s certificate manager.
Once the bad certificate is completely gone, I suggest rebooting the server. It’s always a good idea to start fresh.
Then go into WinACME or whatever it is you use to create your certificates. I use WinACME with LetsEncrypt to create mine. It’s a free solution. Create a brand new, healthy certificate.
Make sure you shut down all your browsers and then open one up fresh. Then go to your website. Hit control-refresh if need to be to clear out your cache.
You should now be set.
Ask with questions!