How to safely remove all old certificates

What is the safe way to remove old expired certificates. Ex. I have cert1.pem, cert2.pem, fullchain1.pem… etc. in the archive folder. I know that live simlinks to these so I don’t want to mess anything up. Ideas?

I should also add csr and keys as well.

@schoen you discussed deleting old keys and certificates in this issue - do you know of a safe strategy that could be applied manually?

Leave the files there. Don't worry about them. Storage is cheap.

Not really a viable answer. I just wrote a shell script to delete old files, rename last downloaded and re-symlink. Painful, dangerous, yes but works.

I have to admit, I’m surprised at such a response as the question was not about cost but rather having 1000’s of unnecessary yet important files hanging around. (See topic mentioned by _az). Could you imagine a directory full of all your old passwords! Just leave them?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.