I have setup my SSL cert correctly, no problem there. I just want to cleanup my /etc/letsencrypt folder.
I got email about using old v1 ACME protocol, so I looked into my certbot and found out that I am using some old version - certbot version: 1.2.0. So I installed new one from apt repository. It upgraded my old configuration and seems to be working fine.
But now I have maybe some old files in /etc/letsencrypt/configs/. Files there matches domain name. Are they still used by new certbot 0.31.0?
I think they are not loaded because I have there config “rsa-key-size = 4096” and new keys are only 2k size.
Can I remove them?
I seriously thought there was some change in release numbers. Anyway it means Ubuntu PPA is much much older than my own standalone version.
Is it wrong use such old version? Maybe that PPA is no longer maintained?
Anyway, even after using certbot delete [certificatename], config files are still there. I think they are orphaned. Do you suppose to have any files under /etc/letsencrypt/configs ?
Which mostly talks about Dehydrated or something and then switches to Certbot near the end.
It does explicitly tell you to create a file like that and then specify the -c option.
/etc/letsencrypt/configs/ has to be something that you manually created, or that may have been created by some sort of script or control panel or something that you were using. They aren’t part of Certbot itself and probably never were. Before deleting them, you’d have to determine why they exist and if you’re still using them.
As another example, there’s this tutorial:
Which also tells you to create a cron job that runs a shell script that also relies on those config files.
(And it says to run it precisely at midnight on the first of the month! Do not do that.)
If you’re relying on something like that, you have to switch to a better/different/modern setup before you can delete them.