Your Private Key is the most critical part of your SSL setup. It is a unique file generated on your server that acts as the "secret key" to decrypt the information sent to your website. At Nixzoehost, we do not store a copy of your Private Key for security reasons.
If this key is accidentally deleted, formatted, or lost during a server move, your SSL certificate will stop working immediately. Because the key cannot be recovered or "re-created" from the certificate, you must perform a Reissue.
Step 1: The "Emergency" Search
Before starting the reissue process, check these locations where keys are commonly stored in cPanel:
-
The SSL/TLS Manager: Go to cPanel > Security > SSL/TLS > Private Keys. Look for any keys created on the date you originally activated your SSL.
-
Hidden Folders: Using the File Manager, look in the
/ssl/keysfolder (this is located outside of yourpublic_htmldirectory). -
Local Backups: If you used an external tool to generate your CSR, check your computer's "Downloads" folder for a file ending in
.key.
Step 2: The Solution Free Reissuance
If the key is truly gone, don't worryyou don't need to buy a new SSL. Nixzoehost offers unlimited free reissues. You simply need to generate a "fresh" pair.
-
Generate a New CSR: Go to your cPanel > SSL/TLS > Certificate Signing Request (CSR) and create a new request. This automatically generates a new Private Key on your server.
-
Submit the Reissue Request: Log in to your Nixzoehost Client Area, select your SSL certificate, and click Reissue. Paste the code from your new CSR.
-
Complete Validation: The Certificate Authority (CA) will ask you to verify domain ownership again (Email, DNS, or HTTP).
-
Install the New Certificate: Once issued, download the new certificate and install it in cPanel. It will now "pair" with the new Private Key you just created.
How to Prevent This in the Future
To avoid the downtime associated with reissuing, we recommend these best practices:
-
Immediate Backups: Whenever you generate a CSR, immediately copy the Private Key into a secure, password-protected text file or a dedicated password manager (like Bitwarden or 1Password).
-
Server Snapshots: If you are using a Nixzoehost VPS, take regular snapshots of your server. This allows you to restore the entire SSL configuration if a file is accidentally deleted.
-
Restrict Permissions: Ensure your
/ssl/keysfolder has permissions set to 600 so other scripts or users on the server cannot modify or delete the files.
A Note on 2026 Security
In 2026, many browsers are beginning to flag certificates that have been "revoked" due to key loss much faster than in previous years. If you know your key is lost, start the reissue process immediately to avoid your visitors seeing a "Your connection is not private" warning.