Using acme.sh; should I remove certbot

gariac · December 19, 2018, 3:15am

I had my first unattended (by me) cert update using acme.sh. Untouched by human hands! That is the good news. I did a yum update and noticed certbot was updated. I then had to instruct my email reader to trust my certs again, though the date of the cert wasn’t changed.

Should I remove certbot? I did a search on the acme.sh bash script and didn’t see a mention of certbot, but I am posting here to be sure.

3.10.0-957.1.3.el7.x86_64 #1 SMP Thu Nov 29 14:49:43 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

rg305 · December 19, 2018, 3:58am

If you mean to imply “Am I required to remove certbot if using acme.sh?”, (Unless things have changed recently) I don’t think they are in any way “related”, nor do they “overlap” each other - so they can co-exist without concern.
I would cron one or the other (not both) or you will end up issuing new certs twice.

I have test systems with both and both Apache and NGINX - without any issues (related to each other).

danb35 · December 19, 2018, 11:11am

This most likely indicates a misconfiguration of your mail server software or cert, as you should ever have to do this if both are correctly configured.

But as to the subject of the thread, having certbot installed won't hurt anything other than taking a little disk space, but I wouldn't think there's any real reason to keep it either.

Buffalo · December 19, 2018, 7:29pm

I moved from certbot to acme.sh under Ubuntu 18.04, with good results.

I removed the certbot
with the package manager, which failed to remove the systemd timers so you might
want to be sure to remove the left-over junk in /etc/systemd if you delete certbot.

acme.sh depends on cron, which seems more than reasonable to me.

I do find systemd to be a bit of a burden. There is such a thing as software
being way too smart for its own good.

73 de Bill W5GFE

gariac · December 20, 2018, 8:25am

Well I have nothing in /etc/systemd/system/ for certbot. I did a yum remove and it looks safe.

Running transaction
  Erasing    : python2-certbot-nginx-0.27.1-1.el7.noarch                                                         
1/2 
  Erasing    : certbot-0.29.1-1.el7.noarch                                                                       
2/2 
  Verifying  : certbot-0.29.1-1.el7.noarch                                                                       
1/2 
  Verifying  : python2-certbot-nginx-0.27.1-1.el7.noarch                                                         
2/2 

Removed:
  certbot.noarch 0:0.29.1-1.el7                                                                                      

Dependency Removed:
  python2-certbot-nginx.noarch 0:0.27.1-1.el7                                                                        

Complete!

Nothing seen for certbot in when running crontab -e. This is what is entered for acme:

42 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null

Well lets see what happens when the automatic renewal comes.

rg305 · December 20, 2018, 8:39am

For future reference:
crontab -l
should list the contents

system · January 19, 2019, 8:39am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Replace certbot-auto with acme.sh? Help	12	3899	January 10, 2021
Adding certbot when acme is already installed Help	4	284	July 6, 2024
Centos change from acme.sh to certbot; tips? Help	12	1489	December 29, 2021
Migrating Servers: Want to Also Stop Using Certbot Help	18	2049	September 2, 2021
Acmev1 deprecated and certbot unavailable Help	10	1905	August 21, 2021

Using acme.sh; should I remove certbot

Related topics