I'd just like to ask a general question about moving my domain to a new server. The certificates are currently installed on a Ubuntu 14.04 server in AWS and I have a 20.04 server I'd like to move to. I was thinking of pointing my domain to the new server and installing new certificates which would be easier rather than copying them from my old server? If I did that however and I had to switch back to my old server, would those certificates still be valid? Thanks for your advice
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
If you'd do that, you'd have a (short) period of no certificates. I don't know if you have HSTS configured, but if you do, you'd have a non-functional website. If you for some reason didn't manage to get the certificate(s), your site would be offline for that time.
Also, how much trouble would copying the cert/private key actually be? If you have SSH configured properly, you could just scp the files. I would recommend sending over a tarball of /etc/letsencrypt/ with the archive option used when tarring (so symbolic links and owner/permissions are kept).
Yes, certificates are just plain files. Copy them, delete those copies, use those copies, doesn't matter. Certificates can expire or can be revoked, but that latter is an active procedure, which doesn't just happen when you copy the cert to another server, luckily.
Please not there is a big difference between SFTP and FTPS. SFTP uses SSH and is perfectly fine. FTPS however, is an often poorly implementation of TLS added to the regular FTP protocol. Often poorly, because often only the command channel is encrypted, but not the data! This is of course not very secure.