Regenerating SSL certificates - How to clear out existing ssl data



I needed to add a subdomain to one of my certificates on an existing server. I tried the certbot command with “–duplicate” and also “–expand”. It kept saying it didn’t have the correct permissions to validate it. So I spun up a new server, pointed the A, AAAA, and CNAME records at the new server and re-ran the certbot command again and the ssl certificates were generated.

So what I was wondering is if there is a recommended way to just clear out letsencrypt files/data in order to regenerate the ssl certificates.



It’s suggested to revoke the old certificate… Do you happen to keep the old certificate & keys? If so, you can revoke the certificate by executing certbot revoke --cert-path=your cert path (on same account).

If you didn’t keep the old certificate and key (and are confident that it’s destroyed), just let the old cert expire.

Thank you


Thanks! revoke is a good option. So say I had the same problem adding another subdomain on an existing server. The one thing I should try is revoke the certs? Anything else? Clear out directories?


Revoke may be overkill
Try delete first and see if that works for you.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.