I installed a cert on my server using the wildcard manual method. I realize this manual process has to occur every 90 days and this is the only way to renew. I want to remove this and install it the normal way so I can do it automatically using a cron job. I just need a guide on how to remove what I did and start over.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
If you ever do need a wildcard, you can utilize the acme-dns (GitHub - joohoi/acme-dns: Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.) project to automate this. It lets you run your own api driven DNS server specifically for LetsEncrypt validation, which can be taken on/offline by Certbot's pre/post hooks. The initial setup and testing of the server, and delegating your ACME challenges to it, usually takes under an hour.
Edit:
The acme-dns approach works like this: You configure a dedicated nameserver on the public internet that will only serve acme-dns challenge responses. On initial enrollment of a domain, the acme-dns server will assign you a dedicated subdomain and API credentials for a desired domain. You then delegate your desired domain's "_acme-challenge" TXT record onto a subdomain the acme-dns server assigns you, and configure a certbot client hook (either based on GitHub - joohoi/acme-dns-certbot-joohoi: Certbot client hook for acme-dns or https://github.com/joohoi/acme-dns-client) with the delegated domain and api credentials. Certbot will then automatically renew the domain by coordinating the challenges between the acme-dns server and client. You will never have to update the main DNS records once delegated to acme-dns, and in the event of a system compromise your API credentials are only able to affect acme-challenges – not real DNS records or accounts with vendors. It is the most (only?) secure way to automatically mange DNS records with Certbot.
With that ACME client, it does require manual processing.
But there may be other ACME clients, and other ways (as mentioned above) to automate the required DNS-01 challenge authentication.
But since you don't really need a wildcard, then maybe we can just move forward without one [without having to move backwards].
I started with a Linux Debian Server with the default Cert from Linode, I ran the manual wildcard installation; now I want to take my server back to where it was before I ran the manual install; I want to remove it. I have several client Linodes/websites I've done this on, and I need a way to reverse it without having to build a new server and move their website.
You really don't need to remove the cert/undo anything.
You can simply get a new cert with whatever name(s) you need on it and just use that one.
Then delete the cert that you no longer need.
But, really, why was it so important to delete them from your server just to make a new one? Each time you renew that cert you'll get a new set. The symlink in the /live/ folder will point to the latest in /archive/
And, each new successful cert or renew will update the renewal conf file for next time.