How to handle example.com and example.com-001

I had a valid cert. I changed it: I added a subdomain, and removed an old subdomain. No errors.

But now I have two certs: example.com and example.com-001. And my reverse-proxy/webserver (nginx) still uses the old one.

So:

  • Is it safe to delete the old one? (example.com)
  • Then is it safe to rename the new one from example.com-001 to example.com so my existing renewal scripts don’t break?

Or, is it better to delete all certs, and re-issue from scratch? (I won’t hit the limit for this week.)

Hi @lonix1

then change your config so your server uses the new. Then restart, then delete the old certificate via

certbot delete [certificate-name]

Thanks Juergen.
Is it possible to rename a cert, or will I break everything if I do that? I’ll make a backup first.

it’s unadvisable, and doesn’t really matter. (you can definitely try)

I don't know.

You can use --cert-name. Manually deleting or renaming things is always bad.

https://certbot.eff.org/docs/using.html


There isn't a command to do it. It's possible to do it manually, but it's very easy to break everything.

(Critically, if you don't fix the symlinks, Certbot may renew your certificate every day while failing to save the files properly.)

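One way to check a lineage for the broken-symlink condition described above after any manual change (an added example, not code from the thread participants or from Certbot). It assumes Certbot's standard layout of live/, archive/ and renewal/ under the config directory; the function names check_lineage and make_demo_tree are hypothetical, and the demo tree is constructed with empty files.

```shell
#!/bin/sh
# Added example: verify one Certbot lineage (live/ symlinks + renewal conf).
# Usage: sh check_lineage.sh /etc/letsencrypt example.com

check_lineage() {   # check_lineage CONFIG_DIR CERT_NAME; returns 0 if consistent
    dir=$1; name=$2; bad=0
    conf="$dir/renewal/$name.conf"
    [ -f "$conf" ] || { echo "PROBLEM: missing $conf"; bad=1; }
    for f in cert chain fullchain privkey; do
        link="$dir/live/$name/$f.pem"
        if [ ! -L "$link" ]; then
            echo "PROBLEM: $link is not a symlink"; bad=1; continue
        elif [ ! -e "$link" ]; then
            echo "PROBLEM: $link is dangling -> $(readlink "$link")"; bad=1; continue
        fi
        # The target must sit in this lineage's own archive directory.
        case "$(readlink "$link")" in
            */archive/"$name"/"$f"[0-9]*.pem) ;;
            *) echo "PROBLEM: $link points outside archive/$name"; bad=1 ;;
        esac
        # The renewal config must reference this exact live/ path.
        if ! grep -Eq "^$f *= *.*/live/$name/$f\.pem\$" "$conf" 2>/dev/null; then
            echo "PROBLEM: $conf lacks a '$f' entry for live/$name"; bad=1
        fi
    done
    [ "$bad" -eq 0 ] && echo "OK: lineage $name is consistent"
    return "$bad"
}

make_demo_tree() {  # constructed sample layout (empty files, no real keys)
    d=$1; n=$2
    mkdir -p "$d/live/$n" "$d/archive/$n" "$d/renewal"
    for f in cert chain fullchain privkey; do
        : > "$d/archive/$n/${f}1.pem"
        ln -s "../../archive/$n/${f}1.pem" "$d/live/$n/$f.pem"
        echo "$f = $d/live/$n/$f.pem" >> "$d/renewal/$n.conf"
    done
}

if [ "$#" -eq 2 ]; then check_lineage "$1" "$2"; fi
```

A directory that was renamed by hand in live/ and renewal/ only is reported, because its symlinks still resolve but point into the old archive/ directory and the renewal config still names the old live/ path.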

For anyone with the same problem, I ended up doing something based on @JuergenAuer’s advice:

  • I made a backup of everything first! :wink:
  • I removed the new cert: certbot delete example.com-0001
  • I updated the old cert: certbot --cert-name example.com --force-renewal ...

That forced it to use the old cert instead of creating a new one.

So now everything works without making changes to nginx, or my renewal scripts etc.

WARNING: make sure you have enough transactions left for the current week!
