Yes, once you issue the certificate you are free to remove the TXT records. You’ll need to create new records when you renew with different values, of course, but Let’s Encrypt only checks during issuance.
It’s a good idea to remove them or else some future renewal may fail because the query response (containing all of the historic text records used for previous challenges) is too large.
Let’s Encrypt only checks these at the time of issuance and the expected values for future issuance are always different.
Works for me! perfect, thanks for your help.
How to renew this certificate ?
certbot renew doesn’t work with manual mode. To obtain a renewed certificate, just rerun the command you used to issue the certificate in the first place, and select the “replace existing certificate” option if asked.
Can you provide multiple domains with -d while creating a wildcard cert or should it be one wildcard cert per domain?
Let’s Encrypt certificates can have 1 to 100 names. They can be wildcards or not wildcards in any combination.