I keep getting renewal reminders for a cert that I'd created that I've since retired. I no longer wish to receive a renewal reminder for this particular server. The email specifies that I can opt out of email notifications, but I won't get notifications for any of my other servers, which is not what I want. How do I get LetsEncrypt to forget about my old server's cert?
David
You need to find where you request that cert and stop renewing it.
If you let us know how you got that cert we can walk you through it.
=============================
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
I'm just using CERTBOT to renew it. I am not going to renew it. Will the notifications just stop if I let it expire?
Yep. We send two notifications and then they're done.
Yes, but, if you haven't deleted the cert profile from Certbot then it will continue to try to renew it. It is best to stop that if you don't need it anymore.
You can run sudo certbot certificates to see all the cert profiles
And sudo certbot delete --cert-name X with the name shown from that list
Make sure you are not referencing those cert files anywhere. Otherwise those services won't start anymore. See here for details: User Guide — Certbot 2.12.0.dev0 documentation
Aside: There are dozens if not hundreds of ways to get certs. While Certbot is very popular it is far from the only way.
While it can be overkill (making Let's Encrypt's servers do more work than necessary), revoking the certificate will also stop the email reminders.
If the reason you're not renewing is that you no longer control the domain name, the Let's Encrypt Subscriber Agreement section 3.2 actually says that you're required to revoke the certificate.
But if it's just that you've consolidate the certificate with another, or switched to another CA, or for whatever reason just don't feel like having a certificate anymore, just ignoring the two reminder emails about it is probably the easiest option.
Perfect. Thanks for confirming.
David
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.