Documentation on certbot revoke is ambigous

I testing the revoke command.

The documentation states:

 Once a certificate is revoked (or for other certificate management tasks), all of a certificate’s relevant files can be removed from the system with the delete subcommand:

Note the key phrase here 'can be removed'. This suggests that the revoke command doesn't delete files.

The following Note reinforces that impression.

If you don’t use delete to remove the certificate completely, it will be renewed automatically at the next renewal event.

If you run the cmd line help you get:

                        Delete certificates after revoking them, along with all previous and later versions of
                        those certificates. (default: None)
                        Do not delete certificates after revoking them. This option should be used with caution
                        because the 'renew' subcommand will attempt to renew undeleted revoked certificates.
                        (default: None)

You will note that neither of these default to enabled.

Given that neither is enabled and the both do opposite actions (the first deletes files the second doesn't delete files) then what is the default action meant to be?

It appears that the default action is to actually delete files which contradicts the documentation.


Thanks for writing this up, filed an issue to fix this.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.