Is it safe to delete my copied certificates from production server AWS snapshot for my development server on AWS?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): YES

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): AWS

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.28.0

My questions:

I created a new server ( using my production server ( snapshot.

It therefore have the and let’sencrypt certificates.
Can I safely delete this certificate using the command:

certbot delete --cert-name

and then reissue a new certificate:

certbot --nginx -d

Thank you,

Yes and no.

There’s one problem: If Nginx is configured to use certificate files that don’t exist, it will be unable to reload or restart, which will also prevent you from using “certbot --nginx” to issue new certificates.

So, first, make sure Nginx isn’t using the old certificate. Then you can delete it.

Alternatively, you can replace the old certificate with the new one, using:

certbot --cert-name --nginx -d

You don’t pass two names to certbot delete --cert-name, just one.

certbot certificates can display the “certificate name” it wants you to use.

Hi @jaffaizal

first check if your new dev - subdomain works. Port 80 should be open, no redirect to your other domain.

But - there is a problem (checked with ):

Domainname Http-Status redirect Sec. G 404 0.547 M
Not Found 200 9.140 N
Certificate error: RemoteCertificateNameMismatch 404 0.546 A
Not Found
Visible Content: 404 Not Found nginx/1.10.3 (Ubuntu)

You use your old certificate:
expires in 63 days, - 2 entries

If you delete your certificate, your server will not restart. So first change your config:

  • remove the https vHost complete (or)
  • replace the certificate with a self signed

PS: You don’t need to delete the certificate.

Create a new, then use that. Then (if all works) delete the old with certbot delete.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.