I need to remove a Let’s Encrypt certificate from a domain no longer served from my server. In this example, I will use the www.mydomain.com domain.
I will remove it in 3 steps:
- Backup.
- Revoke the certificate.
- Delete all files relating to the certificate.
Table of Contents
Conventions
# – indicates that the command that follows must be executed with root permissions directly with the root user or with the sudo command.
$ – indicates that the following command can be executed by a normal user without administrative privileges.
Backup
First, I make a backup
# cp /etc/letsencrypt/ /etc/letsencrypt.backup -r
Revoke
Then I revoke the cert
# certbot revoke --cert-path /etc/letsencrypt/archive/www.mydomain.com/cert1.pem Saving debug log to /var/log/letsencrypt/letsencrypt.log Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Delete the files
Finally, I delete all files relating to certificate www.mydomain.com
# certbot delete Saving debug log to /var/log/letsencrypt/letsencrypt.log Which certificate would you like to delete? ------------------------------------------------------------------------------- 1: www.domain1.com 2: www.domain2.com 3: www.mydomain.com 4: www.domain3.com 5: www.domain4.com 6: www.domain5.com ------------------------------------------------------------------------------- Select the appropriate number [1-6] then [enter] (press 'c' to cancel): 3 ------------------------------------------------------------------------------- Deleted all files relating to certificate www.mydomain.com. -------------------------------------------------------------------------------