Change certbot's internal name for a certificate

As part of some changes I ended up with a certificate named due to splitting an old mutli-doman cert into individual certs. The original certificate that caused the 0001 suffix has been deleted, and I'd like to rename the cert to remove the -0001 suffix.

To be clear, I'm only referring to the certificate name by which certbot refers to it, this has nothing to do with the domain name in the certificate itself.

I did sudo find /etc/letsencrypt/ |grep x\.y\.org which returned following


with the "live" files being symbolic links to the same files in "archive".

Is it the case that all I need to do is

  • rename the .conf file
  • rename the live/ and archive/ directories to remove the suffix
  • update the links in live/ to point to the files in archive\

The renewal configuration file in /renewal/ also contains some values pointing to some directories which would require editing.

And obviously any service pointing to the symlinks in the /live/ directory would need to be modified.

Note that manually modifying anything in /etc/letsencrypt/ is generally discouraged, as it's easy to break Certbot. That said: it's also not rocket science.


Thanks for pointing out the part I missed about the renewal config.

Is this something others might find useful (i.e. a certbot rename function) such that it warrants a feature request?

1 Like

Personally I'd say it would make sense to have such a basic feature, but it hasn't been requested that often here on the Community. You could search and (if not already there) open a feature request on the Github repo. That said, the Certbot team is very small with very little time, so chances are such a feature request which is not often requested would not be implemented for years to come.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.