Hi friends,
On a fresh Debian jessie VPS (Apache/Postfix-Dovecot) I’ve previous installed (by apt-get) letsencrypt.sh and obtained for a single domain its certificates, by “–apache” plugin.
Now I want to go to Certbot (by apt-get);
What I should do for make correctly this switch, considering that now I would use Certbot without “–apache” plugin and instead with “certonly” plugin?
Should remove manually the previous certificates and obtain the new ones by certbot?
Should delete/change the previous configuration file created by “–apache” plugin? And if so, about what files should I make changes?
I’d simply install certbot, then (ideally when it’s time for renewal - i.e. 30 days before the current cert expires) run certbot to create new certificates.
Since you are running in certonly mode, simply edit your apache / postfic/dovecot configs to point to the new certs in /etc/letsencrypt/yourdomain.com/live/
I assume you mean letsencrypt, not letsencrypt.sh. Letsencrypt.sh (since renamed to "dehydrated", IIRC) does not have, and has never had, an --apache plugin.
dpkg -l |grep lets
rc letsencrypt.sh 0.2.0-4~bpo8+1 all ACME client implemented in Bash
rc letsencrypt.sh-apache2 0.2.0-4~bpo8+1 all letsencrypt.sh challenge response support for Apache2