Which of the following must a security administrator do when the private key of a web server has been compromised by an intruder?