What problem would you like to report?
Key Compromise
Use our key compromise reporting tool to revoke the associated certificate.
Use our dedicated tool
Submit a compromised key (or a certificate signing request generated with a compromised key).
Certificate Problem
Inaccuracies, mis-issuance, malware signed with an Entrust public certificate, and other issues.
-OR-
Frequently Asked Questions
Which reporting option should I use?
Visit https://www.entrust.com/contact-support for information on how to get help with general support questions (e.g., password or log-on issues).
Use the online form or email to report a problem that directly impacts the trust in one of our public certificates, such as:
- a compromised private key associated with an Entrust public certificate
- a mis-issued Entrust public certificate (containing inaccurate data or formatting)
- malware signed with an Entrust public certificate
- a compromised authenticator used for 2FA (2-factor authentication) with an Entrust signing service, notably for eIDAS qualified electronic signatures
Use the key compromise reporting tool to report a compromised key*. This will allow us to verify the compromise and revoke the certificate.
*A certificate’s private key is said to be compromised if its value has been disclosed to an unauthorized person, or an unauthorized person has had access to it.
Which Entrust certificates or digital signatures can I report a problem for?
You can report problems related to any publicly trusted certificate issued by Entrust, which includes:
- TLS/SSL certificates
- Code signing certificates
- S/MIME certificates
- Document signing certificates
- Qualified certificates
- Verified mark certificates
You can also report a problem related to our digital signing services and/or related to an eIDAS-qualified electronic signature.
How does the key compromise reporting tool work?
The key compromise reporting tool is the safest, most efficient way to ensure the revocation of the certificate associated with a compromised key.
It’s a simple process: you can either paste the private key (PEM format) in the tool or paste a CSR (PEM format) that you generated using the compromised key. We will verify that the CSR or private key matches an Entrust-issued certificate.
If the verification is successful, we will revoke the certificate within the timeframe required by the relevant industry regulation.
What details should I provide?
The level of details needed may vary depending on the type of issue you want to report. We recommend using the online form, which will guide you through the process and cover the most important details. If you prefer to email us, the more details you can provide about the certificate or service impacted, the more helpful it will be for our support team to start the investigation. As a general rule, too much information is better than not enough.
How will I hear back from Entrust?
Once you’ve reported your issue to us, we’ll send a confirmation email to acknowledge that we have received your report and start our investigation.
Problem Reporting Form
Once you’ve completed this form, use the "Submit" button to send it to us. Alternatively, you can email us at [email protected]