How to handle and

I had a valid cert. I changed it: I added a subdomain, and removed an old subdomain. No errors.

But now I have two certs: and And my reverse-proxy/webserver (nginx) still uses the old one.


  • Is it safe to delete the old one? (
  • Then is is safe to rename the new one from to so my existing renewal scripts don’t break?

Or, is it better to delete all certs, and re-issue from scratch? (I won’t hit the limit for this week.)

Hi @lonix1

then change your config so your server uses the new. Then restart, then delete the old certificate via

certbot delete [certificate-name]
1 Like

Thanks Juergen.
Is it possible to rename a cert, or will I break everything if I do that? I’ll make a backup first.

it’s unadvisable, and doesn’t really matter. (you can definitely try)

I don’t know.

You can use --cert-name. Manual deleting or renaming things is always bad.

1 Like

There isn’t a command to do it. It’s possible to do it manually, but it’s very easy to break everything.

(Critically, if you don’t fix the symlinks, Certbot may renew your certificate every day while failing to save the files properly.)

1 Like

For anyone with the same problem, I ended up doing something based on @JuergenAuer’s advice:

  • I made a backup of everything first! :wink:
  • I removed the new cert: certbot delete
  • I updated the old cert: certbot --cert-name --force-renewal ...

That forced it to use the old cert instead of creating a new one.

So now everything works without making changes to nginx, or my renewal scripts etc.

WARNING: make sure you have enough transactions left for the current week!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.