Delete ALL certificates

Hello - for the 2nd time I have deleted ALL certificates from my server - Please can you put a safety check on the "leave blank to delete all certs" like "are you sure you wish to trash your server Y/n"
I am sure there are folks out there just as stupid as me.

1 Like

Which client are you using?

1 Like

ubuntu 18.04 - not sure what version certbot but it is only a few months old.
This is amazing software, I used to pay a lot for SSL.
A gui version would be epic.

1 Like

Automation is the goal.
GUIed automation - is that really needed?

1 Like

Also, did you have just one certificate or more than one?

Because certbot should ask you which certificates to do an operation on if you look at the code:

(get_certnames is envoked from the delete command in main.py)

For some users, a GUI just for setting up could be helpful, yes. Not everybody has much CLI experience. In the past, I have made an argument that perhaps not everybody should be trying to apply HTTPS to their sites because of lack of knowledge perhaps doing more harm than good. But that argument was apparently invalid. So lack of CLI experience then also shouldn't be an argument for not being able to use certbot :wink:

2 Likes

Can you show the screen of just before "everything cert gets deleted"?

1 Like

Ah, wait.. It seems my post about the get_certnames was not very helpful, as the quoted line above suggests @koolwebs actually did get this question about multiple certificates.

The code of certmanager.delete() indeed does not explicitly ask for confirmation:

I guess between lines 92 and 93 there's a perfect moment for reflection and present the user with the (set of) certificate(s) he/she's about to delete and ask for confirmation.

@koolwebs I think the best thing to approach this is to open an issue on the certbot Github page. Feeling up to that?

I think this could be best be solved by summarize the list of certs to be deleted above the for loop and add another disp.notification with "Are you sure?" and pause=True. But this is rather hard to test on a production server.. And I don't have a testing environment, so I'd need to fix one :stuck_out_tongue:

2 Likes

Wrote an issue: https://github.com/certbot/certbot/issues/8347
Wrote a fix: https://github.com/certbot/certbot/pull/8349

4 Likes

Thanks for the info, I have logged it on github

3 Likes