Regenerating SSL certificates - How to clear out existing ssl data


#1

Backstory:

I needed to add a subdomain to one of my certificates on an existing server. I tried the certbot command with “--duplicate” and also “--expand”. It kept saying it didn’t have the correct permissions to validate it. So I spun up a new server, pointed the A, AAAA, and CNAME records at the new server and re-ran the certbot command again and the ssl certificates were generated.

So what I was wondering is if there is a recommended way to just clear out letsencrypt files/data in order to regenerate the ssl certificates.


#2

Hi,

It’s suggested to revoke the old certificate… Do you happen to keep the old certificate & keys? If so, you can revoke the certificate by executing certbot revoke --cert-path=your cert path (on same account).

If you didn’t keep the old certificate and key (and are confident that it’s destroyed), just let the old cert expire.

Thank you


#3

Thanks! revoke is a good option. So say I had the same problem adding another subdomain on an existing server. The one thing I should try is revoke the certs? Anything else? Clear out directories?


#4

Revoke may be overkill.
Try delete first and see if that works for you.

