Delete Let's Encrypt Certificate

NethServer Version: 7
Module: Server Certificate

I have to remove one certificate (created with Let’s Encrypt) from my NethServer. How can I do this?

Thanks.
Federico Ballarini

I have do this operation…

  • created a “old-certificates” directory into /etc/letsencrypt/
  • moved /etc/letsencrypt/live/* into old-certificates
  • the same operation for “renewal” directory

Seems it works. What about you?

Federico Ballarini

3 Likes

@federico.ballarini Thank you for the solution, I was actually taking a look at that over the past few days but haven’t had the chance to investigate how to delete one of the certificates.

@alefattorini Just wondering if this may be a good feature request? A delete option for a Let’s Encrypt Certificate would be something good to have. I can foresee situations where a certificate is no longer valid and needs to be removed due to a feature not being used or even due to the certificate itself becoming compromised for whatever reason.

2 Likes

Hi Federico,
would you mark your post as solution please.

I do it now.

1 Like

I’ve done exactly what you propose -> Worked but now, the httpd doesn’t start anymore :frowning: Any ideas to solve this problem?

What I would do is force a renew of the let’s encrypt certificate and before renewing, take out the (sub) domain you don’t want added… The old cert will be invalidated by the new certificate and since you left out cert for a (sub)domain, that one will be without certificate, effectively deleting the certificate for that (sub)domain.

1 Like

…and if the old one does stick around, once the new one’s created, active, and marked as the default, and you’re sure none of your virtual hosts or anything else are depending on the old one, the certbot delete command will take care of it.

2 Likes