I realize now that I should have done a dry run

I’m building a NAS that will be accessible from the internet. I didn’t pay close enough attention or I’d have noticed that I could do a dry run. Instead, I installed a certificate in the normal manner. It works fine, but I know I’m going to wipe this system and start clean now that I have all the pieces figured out and working together. (I’ve installed and uninstalled and reconfigured a lot of stuff a lot of times to get to this point and I don’t want a messy system like that when it goes live.) So now I’m not sure what to do about the existing certificate. Do I need to try to back it up and copy it to the new server when I get it up to that point again? Or can I just run certbot again and provide the same information (domain name(s), email address, etc…)? I’m really hoping I can just run certbot again because that was fast stupid easy. Any help is appreciated. My domain names are A cuttinej.com and CNAME www.cuttinej.com.

1 Like

Hi @cjohnsonsr1,

Welcome to the community forum!

Please see this document for information about Let’s Encrypt rate limits. On your new setup I’d recommend first attempting issuance against the staging environment.

3 Likes

I appreciate that @Phil_LE, but as I said in my post, I already did a live setup. It’s too late to do a dry run. I had already read the article on rate limits. It didn’t really apply because I only have 1 certificate and I’m only going to need 1 or 2 more at the very most. What I’m concerned with at present is what to do with the existing certificate. I’m not exactly a novice, but this is one aspect of networking that I’ve never had to deal with. What I’d really like is to be able to get rid of the existing certificate and just generate a new one when I’m ready with the newly rebuilt system. I hope that makes sense and I really appreciate the help.

In that case, simply rebuild your system and the old cert will eventually expire. If you really wanted to you could revoke it, but that’s unnecessary.

Thank you so much @Phil_LE. When I got to the part of my project where I needed a certificate I was dreading having to try to learn it all. I had just enough exposure to SSL to know that I needed it and that there was a good reason why some people get paid to handle it. I found Let’s Encrypt by accident in a tutorial and I gotta tell you, I was amazed at how fast and easy it was to get it done. I think I only typed 2 commands into my shell. You folks have really distilled this process down to a fine art. When I did this the 1st time I had more on my plate than I do today. I have a little time now that I could spend actually learning about how some of this works. I’m guessing the key to understanding how to handle something like revoking a certificate lies in the options and arguments to certbot. I’ll take a look at the documentation and see if there’s a man page. And again, I really appreciate the help. Thank you!

1 Like

I’m glad it was easy for you! :slight_smile: Best of luck out there.

1 Like

I’m almost ashamed that I asked the question in the 1st place. Literally took less than 10 minutes to figure it out once I finally started to RTFM. :blush:

sudo certbot revoke --cert-name cuttinej.com

Revoked and deleted the certificate for cuttinej.com and www.cuttinej.com in one smooth move. This is good stuff!

1 Like