Certificate revocation is a process of invalidating an issued SSL certificate. With revocation, a particular certificate identifier is added to the Certificate revocation lists distributed by the Certificate Authorities and to OCSP servers. As a result, browsers and other clients detect that the certificate is invalid and show the corresponding security warning, telling a site visitor that the installed certificate was revoked and should not be trusted.

This is how the warning may look in browser:

If you want to revoke the whole certificate order, you can contact our SSL department via Live Chat or email us to sslsupport@namecheap.com. In your request, please specify the certificate ID/order ID/common name of the certificate you want to be cancelled and revoked, your Namecheap username and account Support PIN. Keep in mind that after the certificate cancellation is completed, the certificate cannot be used anymore, and you will not be able to perform any actions with it in your Namecheap account.

Sometimes, there may be cases when a certificate should be replaced with a new one, while the old certificate is to be revoked. The most frequent scenario for this is that a private key associated with the certificate became compromised. In this case, both the certificate reissue and revocation can be performed in your account with us (provided that the certificate is supplied by Namecheap). For reissue instructions, feel free to refer to this guide.

After the reissue is completed, the certificate management page will have separate entries for the old certificate and for the new one. The latest one will have the status ACTIVE, while the old one will be labeled as REPLACED. Despite this, the certificate with the status REPLACED might still be valid, usable and can be returned by the server without showing any security warning.

In order to invalidate the certificate that was replaced, you need to access your certificate management page:

• Log into the account dashboard;
• Go to SSL Certificates List;
• Locate the certificate with the "Replaced" status which you want to revoke;
• Click "Details" next to it.

On the next page, you'll see the certificate details. Locate and click the "Revoke" button to the right.

Confirm your action in the pop-up window by clicking "Revoke SSL":

Now, the certificate status is reflected as "Revoked" in the SSL Certificates List:

Note: If during the reissue of a Sectigo certificate you have changed the common name of the certificate, the replaced certificate gets revoked automatically. Therefore, there is no need to revoke it additionally. The certificate status in your account will be also shown as Revoked.

After the certificate is revoked, it will be added to the certificate revocation list by the Certificate Authority within the time frame usually specified in the CA policy for the certificate. You will need to uninstall the certificate from the website if it is revoked - otherwise, browsers will show the security warnings. Additionally, you can check whether or not the certificate is revoked using the following checking tool: https://decoder.link