Correct Way to Delete a Certbot SSL Certificate
Normally, you would wait for a certificate to expire, but what if you have an issued certificate for a domain name you don’t need anymore? What is the correct way to completely remove its files from your server?
In a previous tutorial, I’ve explained how to create a Certbot SSL certificate on Ubuntu using the Nginx plugin on a DigitalOcean droplet.
Before we get to the automated deletion of SSL certificates, I’d like to give a shout out to DigitalOcean that hosts all online businesses I’m working on. They are super affordable. If you haven’t given DigitalOcean a try, you can spin up a droplet using this link and start with a $100 credit:
When deleting SSL certificates, it’s not about deleting merely one file manually. You would need to go through at least the following directories and delete the files associated with the domain name.
- /etc/letsencrypt/archive
- /etc/letsencrypt/live
- /etc/letsencrypt/renewal
Command to Delete Certbot Certificate
Luckily, a feature exists to perform the deletion automatically for you. This command will offer an index from which you can select the domain name to delete:
$ sudo certbot deleteType the index number of the domain name’s certificate you want to delete and press enter. The issued certificate will be then deleted.
Delete Certbot Certificate by Domain Name
Reader Tim Thorp kindly provided a more immediate way to delete a Certbot certificate by including the domain name in the command like this:
$ sudo certbot delete --cert-name example.comThis could be useful if the domain name does not appear in the index.
I hope this tutorial helped you in deleting redundant or expired SSL certificates in one go. As mentioned above, if you want to get started with your on VPS on DigitalOcean, sign up with this link to get $50 in credit.
