I have a cert that installed months ago, inside contains over 40 domains. The cert has expired and when i try to renew the cert with
sudo certbot renew --dry-run
I received error
1 renew failure(s), 0 parse failure(s)
It shows the expired domain(expired_domain.com) that I no longer using…
Under live folder, i have 1 cert (1st_cert.com)
/etc/letsencrypt/live
I have tried this commmand but it’s not working
certbot delete --cert-name expired_domain.com
I received this error
No certificate found with name expired_domain.com (expected /etc/letsencrypt/renewal/expired_domain.com.conf).
My question is how to remove it from this cert so that i can renew my cert with the correct command? Thank you
In other words, you have to run almost the same command you used originally, with the complete list of 39+ names you want in the new certificate, and the --cert-name option added.
The --cert-name argument is the certificate name used by Certbot. It’s used as the name of the /etc/letsencrypt/live/ subdirectory and can also displayed by sudo certbot certificates. In your case, it seems to be 1st_cert.com.
If you need help, please post the actual, unedited output of sudo certbot certificates.
There is an easier but riskier method: you can renew with --allow-subset-of-names.
This will remove all names for which renewal attempts fail. However, it will remove names regardless of whether the renewal attempt failed for an expected or an unexpected reason.
If you use --allow-subset-of-names, Certbot will issue and save a certificate, unless every name fails.
You could then issue another new certificate adding more names the same way you always do – running a Certbot command and selecting every name you want it to include.