How do I force certbot to issue my certificate for a new domain and not an old one?

Thanks. I will restart my mail servers and test them. Much appreciated!

I've been razor-focused the whole time.

You may still have some cruft floating around in the depths. Certbot really doesn't like manual removals. Hopefully the delete fully worked.

You may need to update the cert path used first.

Only the name of the certificate in certbot has changed, the actual contents of the certificate have not. I'm guessing your original issue, what we still haven't cleared up what that actually is, will be still there.

Which wasn't needed if we just kept the original cert..

Guys, we've only changed the name and location of the cert, nothing else has changed, we've gained soooo little (i.e., none) with too much effort.

Then pick up the razor and shave already (it's no longer "no shave November") ! ! ! - LOL

I concur with @rg305 and @Osiris. Be sure you have the right paths in your configuration. At least you have a working certificate in certbot now to do so.

He already did.............

The original certificate was broken...

Is there a parameter / flag to pass to certbot to ask it for a specific file path name for future reference ?
I only had like 4 config files tied to it so I only had to remove mail from /etc/letsencrypt/live/mail.frick.blog to restart them so no big deal.

I think I should be good to go, running some test emails now.

Thanks for the help everyone!

That's --cert-name.

So..

--cert-name mycert would use mycert in the path.

No, those were all other certs with the suffix -0001, -0002 and -0003. Please see the output of certbot certificates at How do I force certbot to issue my certificate for a new domain and not an old one? which shows a perfectly working cert with the name mail.frick.blog without any suffix.

so --cert-name mycert would result in /etc/letsencrypt/live/mycert/... correct?

Agreed, @Osiris. There were duplicates. I just wanted to sidestep them altogether.

Absolutely correct.

Which probably hasn't fixed the actual issue, as the contents if the cert are exactly the same. Perhaps only the CommonName is different, but as that's not really relevant, we can conclude we've succesfully just renamed the certificate.

There should be a certbot command for that in stead of issuing a new one...

OK, so what other problem(s) now remain unhandled?

@Osiris

It's renamed out of the way of the guts under certbot. @rg305 and I went through a 200 post long nightmare a while back with a guy migrating to a new server. We found out from bmw that certbot uses some stuff buried deep in the apache cache/logs, so even after removing the dead certs from the certbot directories, there remained cruft that messed with reissuance under the old names.

You mean the actual issue from the beginning? Yes, that's what I've been trying to find out before you guys went completely over de zeik omdat een frikkin naampje niet goed was naar jullie mening....

@griffin I'm pretty sure that's not the case here. The certificate name should not matter. If you want to call it "honkieponkie" or some other silly name, be my guest.
I can understand that in some fringe situations it might matter, but now here we stand, with a renamed certificate but not the slighest clue as what the original issue from the OP really is about. Congratz.

Oh @Osiris, Have you never stopped to notice... Look a squirrel ! ! !

Also, don't include me in the "you guys" - I was only looking to take out the garbage.