How to Delete Let’s Encrypt SSL Certificates

The post provides a guide for students and new users on how to delete Let’s Encrypt SSL certificates using Certbot on Ubuntu Linux. Certbot, a command-line tool, is utilized for creating, renewing, revoking, and deleting these certificates. Instructions are given for signing into the server and using the command terminal to execute deletion commands.

This post shows students and new users steps to delete Let’s Encrypt certificates created using Certbot. Certbot is a command-line tool that simplifies obtaining and renewing Let’s Encrypt SSL certificates.

With Certbot, one can easily create, renew, revoke, and delete Let’s Encrypt SSL certificates using the command line.

By default, Let’s Encrypt will store all the client certificates in the following folders:

  • /etc/letsencrypt/live
  • /etc/letsencrypt/renewal
  • /etc/letsencrypt/archive

When a new certificate is issued, it is stored in the /etc/letsencrypt/live directory—the archive folder stores copies of the live certificates.

If you no longer need a certificate, or if the certificate has been compromised, you can revoke it and request a new one.

Below is how to revoke a certificate.

How to revoke a Let’s Encrypt certificate on Ubuntu Linux

How to delete Let’s Encrypt SSL certificates on Ubuntu Linux

As mentioned above, Certbot is a command-line tool that simplifies obtaining and renewing Let’s Encrypt SSL certificates.

When you revoke a Let’s Encrypt SSL certificate, a remnant of the certificate may still be on the server. To eliminate certificates you will no longer use, you should use Certbot to delete them.

Below is how to do that.

First, sign into the server and open the command terminal. Then run the command below for the domain whose SSL certificate you wish to delete.

sudo certbot delete --cert-name example.com

Replace example.com with the actual domain name.

If you run the command below without specifying a domain name, it will list all the domains registered on the server.

sudo certbot delete

Then select the one you want to delete from the list.

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which certificate(s) would you like to delete?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: example.com
2: example1.net
3: example2.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1

Enter the number next to the domain you wish to delete and press ENTER.

That should do it!
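The following is an added example, not part of the original post: shell functions that check whether any web server configuration still points at a certificate before you delete it, and that list what remains under the live, archive, and renewal folders afterwards. The function names, the LE_ROOT variable, and the default config directories /etc/nginx and /etc/apache2 are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): pre- and post-checks around
# `certbot delete --cert-name NAME`.

# Certbot's state directory; the default is the path listed in this post.
LE_ROOT="${LE_ROOT:-/etc/letsencrypt}"

# Print every path Certbot still holds for NAME under live/, archive/ and
# renewal/. Empty output after a delete means no remnant is left.
cert_remnants() {
    local name="$1" p
    case "$name" in ''|*/*|.*) return 2 ;; esac   # refuse path-like names
    for p in "$LE_ROOT/live/$name" "$LE_ROOT/archive/$name" \
             "$LE_ROOT/renewal/$name.conf"; do
        if [ -e "$p" ]; then printf '%s\n' "$p"; fi
    done
    return 0
}

# Print config files under the given directories that still reference
# live/NAME/. The trailing slash keeps example.com from matching example.com.au.
cert_references() {
    local name="$1"
    shift
    # Assumed default config locations for nginx and Apache on Ubuntu.
    [ "$#" -gt 0 ] || set -- /etc/nginx /etc/apache2
    grep -rlF -- "$LE_ROOT/live/$name/" "$@" 2>/dev/null || true
}

# Return 0 only when no config file references the certificate any more.
safe_to_delete() {
    local refs
    refs="$(cert_references "$@")"
    if [ -n "$refs" ]; then
        printf 'still referenced by:\n%s\n' "$refs" >&2
        return 1
    fi
    return 0
}
```

Source the file and run `safe_to_delete example.com` before deleting; a web server that still references a deleted certificate file will fail on its next reload. After `sudo certbot delete --cert-name example.com`, `cert_remnants example.com` should print nothing.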

Conclusion:

  • Deleting Let’s Encrypt SSL certificates using Certbot is essential for maintaining a secure and organized server environment.
  • After revoking a certificate, remnants of the certificate may still exist on the server, which can be eliminated by using Certbot to delete them.
  • Following the step-by-step process described in this post ensures that unnecessary certificates are removed, optimizing the server’s security and efficiency.
Richard Avatar
