Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


Detection of a compromised certificate or private key

To identify if a private key or a certificate is compromised, the authorities have at their disposal several internal tools which "scan" the web (and the "dark web") continuously.

Any web user can also report to the authority if they have identified a compromised key or a fraudulent certificate (see Report a fraudulent or compromised certificate).

What actions are done by the authority?

If a private key or certificate is identified as compromised:

  1. Revocation of the concerned certificate by unilateral decision of the authority within 24 hours (no going back possible).

  2. An alert email is immediately sent by the authority to the various contacts it has in its possession in relation to the certificate concerned.

What are the remedies?

TBS INTERNET and the authority will not be able to grant any request concerning the revocation period of the compromised certificate or its reissue. This will be systematically refused.

Note: no information can be provided regarding the nature of the certificate compromise.

Also: TBS INTERNET cannot be held responsible in this type of situation. No compensation or reimbursement will therefore be granted from TBS CERTIFICATES or the authority.

For the rest?

We strongly recommend that you hire a security expert to analyze your infrastructure, in order to check whether there are any internal or external leaks.

In order to secure your servers again, you must order a new certificate (not a renewal).

Useful links