Deleted host continues to attempt to renew

My domain

I ran this command:
certbot # interactively, to remove the FQDN, which worked, followed by
certbot --renew # which still attempts to renew

It produced this output: [see below]

My web server is (include version): apache 2.6.4

The operating system my web server runs on is (include version): RHEL 7.9

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.10.1

I have a number of vhosts on a particular machine, all protected with Let's Encrypt certs. I recently moved one vhost ( to another machine, so ran certbot interactively to remove the vhost from the certificates on this machine. I verified that it did not show up in the output, was not challenged, and the new certificates for the remaining vhosts wiere properly deployed.

However, any time certbot renew is run, it continues to try to renew the cert for The challenge fails. The output from the certbot renew command is:

certbot renew

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/

Cert not yet due for renewal

Processing /etc/letsencrypt/renewal/

Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1):
Renewing an existing certificate for and 12 more domains
Performing the following challenges:
http-01 challenge for
Waiting for verification...
Challenge failed for domain
http-01 challenge for
Cleaning up challenges
Attempting to renew cert ( from /etc/letsencrypt/renewal/ produced an unexpected error: Some challenges have failed.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/ (failure)

The following certs are not due for renewal yet:
/etc/letsencrypt/live/ expires on 2021-04-13 (skipped)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/ (failure)

1 renew failure(s), 0 parse failure(s)


Hi @pmenchini

what says

certbot certificates

There you should see the certificate you don't want to renew.

Triple-check this certificate isn't used.


certbot --delete [certificatename]

to delete the certificate.

1 Like


Thanks, I think you may have hit on the problem. I seem to have 2 certs:

    # certbot certificates
    Saving debug log to /var/log/letsencrypt/letsencrypt.log

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Found the following certs:
      Certificate Name:
        Serial Number: 4243ee93b22f9fdfb48feec1a28564f3ccc
        Key Type: RSA
        Expiry Date: 2021-04-13 13:57:31+00:00 (VALID: 89 days)
        Certificate Path: /etc/letsencrypt/live/
        Private Key Path: /etc/letsencrypt/live/
      Certificate Name:
        Serial Number: 3adfacf13f4fb6c9f2f303c00ba583b5ffa
        Key Type: RSA
        Expiry Date: 2021-02-01 16:48:56+00:00 (VALID: 19 days)
        Certificate Path: /etc/letsencrypt/live/
        Private Key Path: /etc/letsencrypt/live/
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

At one point, broadstreetscientific was the alphabetically first vhost, but then ai came along. It appears that is in the broadstreetscienfic cert.

However, my attempts to delete this obsolete cert fail:

# certbot --delete
  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certbot: error: unrecognized arguments:

[How do you format cli commands and output?--can't seem to find the right tool..]

Thanks for your help so far!


Hello @pmenchini,

Use certbot delete and select the certificate from the list or use certbot delete --cert-name

Before deleting anything it is a good idea to take a backup :wink:


1 Like


Thanks! I guess I got the command syntax wrong. I'm all set.

Appreciate your and Juergen's assistance!




Sorry - happens doing other things - remove the -- :wink:

No worries. I miss 'man certbot', so I poke around with 'certbot --help', but it's not the same.... But, your hit was instrumental in solving my issue!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.