by peterwwillis 3895 days ago
Breach of the CA, not the web host. If the CA is breached there is no point to the encryption.

It wouldn't break encryption because you don't give away the private key when requesting a certificate from a CA.

It would definitively compromise the identity/trust part of it.

Let me rephrase with a quote from the public-key cryptography wiki:

"An attacker who could subvert any single one of those certificate authorities into issuing a certificate for a bogus public key could then mount a "man-in-the-middle" attack as easily as if the certificate scheme were not used at all."
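An added illustration of the two points made in this thread, not part of any comment above: the CA only ever receives the site's public key, yet a certificate mis-issued by any one trusted CA still passes the usual chain check, and only a client-side key pin rejects it. It uses textbook RSA over fixed Mersenne primes as a toy signature scheme; the names `CA-1`, `CA-2`, `example.test` and all keys are constructed for the example.

```python
# Toy model: textbook RSA over fixed Mersenne primes. Illustration only, NOT secure.
import hashlib

E = 65537

def keypair(p, q):
    """Return (public, private) as ((n, e), (n, d))."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(name, subject_pub, n):
    h = hashlib.sha256(f"{name}|{subject_pub}".encode()).digest()
    return int.from_bytes(h, "big") % n

def issue(ca_name, ca_priv, name, subject_pub):
    """CA signs the (name, public key) binding; it never sees the subject's private key."""
    n, d = ca_priv
    return {"name": name, "pub": subject_pub, "issuer": ca_name,
            "sig": pow(digest(name, subject_pub, n), d, n)}

def chain_valid(cert, trust_store, host):
    """Usual client check: name matches and a trusted CA signed the binding."""
    ca_pub = trust_store.get(cert["issuer"])
    if ca_pub is None or cert["name"] != host:
        return False
    n, e = ca_pub
    return pow(cert["sig"], e, n) == digest(cert["name"], cert["pub"], n)

def pin_valid(cert, pins, host):
    """Extra check: presented key must equal the key the client pinned for host."""
    return pins.get(host) == cert["pub"]

def mersenne(k):
    return 2**k - 1  # prime for the exponents used below

site_pub, site_priv = keypair(mersenne(61), mersenne(89))
bogus_pub, bogus_priv = keypair(mersenne(31), mersenne(107))
ca1_pub, ca1_priv = keypair(mersenne(127), mersenne(521))
ca2_pub, ca2_priv = keypair(mersenne(607), mersenne(1279))
TRUST = {"CA-1": ca1_pub, "CA-2": ca2_pub}
PINS = {"example.test": site_pub}

real = issue("CA-1", ca1_priv, "example.test", site_pub)
rogue = issue("CA-2", ca2_priv, "example.test", bogus_pub)  # mis-issued by CA-2

if __name__ == "__main__":
    for label, cert in (("real", real), ("rogue", rogue)):
        print(label, chain_valid(cert, TRUST, "example.test"),
              pin_valid(cert, PINS, "example.test"))
```

Both certificates pass `chain_valid`, because the client trusts every CA in its store equally; `pin_valid` is the only check here that tells them apart.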