In the ssl configuration, I created the following two files: xx.com, www.xx.com
Deleted xx.com 3 months ago when it was not needed
certbot-auto delete -d xx.com
I'm not sure if I'm able to delete them. When I look at the crontab update log, I see that an update of xx.com is performed and an error occurs.
Can this error be resolved by deleting /etc/letencrypt/renewal/xx.com.conf?
DEBUG:certbot._internal.main:certbot version: 1.9.0
DEBUG:certbot._internal.main:Arguments:['--cert-name', 'xx.com']
DEBUG:certbot._internal.main:Discovered plugins: PluginRegistry(PluginEnterPoint#apache,pluginEntryPoint#manual,PluginEnterpoint#nginx,PluginEntryPoint#null,pluginEntryPoint#standalone,PluginEntryPoint#webroot)
DEBUG:certbot._internal.log:Root logging level set at 20
INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt.log
DEBUG:certbot._internal.log:Exiting abnormally:Traceback (most recent call last) :
File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 11, in
sys.exit(main())
File "/opt/eff.org/certbox/venv/local/lib/python2.7/site-packages/certbot/main.py" , line 15, in main
return internal_main.main(cli_args)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 1362, in main
return config.func(config, plugins)
File "/opt/eff.org/certbox/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 1267, in renew renewal.handle_renewal_request(confg)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/renewal.py", line 414, in handle_renewal_request
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/storage.py" line 54, in renewal_file_for_certname
"(1)).".format(certname, path))
CertStorageErr: no certificate found with name xx.com(expected /etc/letsencrypt/renewal/xx.com.conf).
ERROR:certbot._internal.log:No certificate found with name xx.com (expected /etc/letencrypt/renewal/xx.com.conf).
When Certbot-auto renew is executed, it will be updated normally as follows.
Running certbot-auto renew from cronTab will result in an error.
Connected, host fingerprint: ssh-rsa 0 11:B9:5F:6A:05:61:E7:52:DA:8C:60:AB:98:2E
:F1:CB:94:87:C0:81:6E:55:E7:22:2D:C4:A5:F3:AB:4A:98:3E
Linux wordpress-1-vm 4.9.0-12-amd64 #1 SMP Debian 4.9.210-1+deb9u1 (2020-06-07)
x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
niki@wordpress-1-vm:~$ sudo -i
root@wordpress-1-vm:~# cd /etc/letsencrypt/
root@wordpress-1-vm:/etc/letsencrypt# ./certbot-auto renew
Your system is not supported by certbot-auto anymore.
certbot-auto and its Certbot installation will no longer receive updates.
You will not receive any bug fixes including those fixing server compatibility
or security problems.
Please visit https://certbot.eff.org/ to check for other alternatives.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.xx.com
Waiting for verification...
Cleaning up challenges
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/xx.com/fullchain.pem
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/www.xx.com/fullchain.pem (success)
There was an omission in the form.
I would like to remove the following from the server, how can I do that?
I would like to remove the following definition that is running in certbot-auto renew.
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/xx.com/fullchain.pem
The process is
certbot-auto delete -d xx.com
will it not be updated next time?
I would like to know if there are any other necessary procedures other than delete.
The delete command is enough by itself, but you should also make sure that the deleted certificate is no longer referenced in any server configuration files (e.g. Apache or nginx configuration), because those configurations will become invalid if they still reference a deleted certificate.