Hey guys. I just wanted to ask a quick question regarding this topic since it's been a while since the last answer: should one create regular backups of certificates or can I just re-run certbot to get new ones in case my server was rebuilt/migrated?
Thanks and my apologies if this was answered before: I searched and couldn't find a recent answer.
Basically nothing has changed since then. As long as your usage is within Rate Limits you are free to start from scratch. But if you happen to represent a big org with a Rate Limits Adjustment on your account—make sure to at least have your account key/info backed up.
I would suggest that a good practise is to snapshot your server regularly so that you can recover instantly (e.g. restore your snapshot then restore the latest version of any databases/media file backups you have)
Most cloud providers offers regular VM backups (if that's what you're using). Rebuilding a server from scratch is great if you can do it (and have a written procedure for doing so), but most people can't because they fail to document all the finer points of their configuration. For any recovery procedure you should assume you are not the one following it.
If you are recovering backups of certificates then there will be associated web server config (to use those certificates) and ACME client config (renewals, account keys etc).