Certbot / Letsencrypt certificate uninstall

I had to delete a couple domains from my server lately due to them either moving away from my server, or just simply not being used anymore, so they got deleted.
So I digged around a little bit to find out what to actually do with those certificates.
I was thinking of just deleting the affected certificates but wanted to make sure that that is the appropriate way of doing things. Worst case certbot would just go ahead and renew the certificates again.
After a short time of researching it turns out that there is a delete function built into certbot. So that’s pretty handy and works simply by using the following command:

certbot delete −−cert-name DOMAIN

However, unfortunately this command does not take care of the associated apache configuration. So next time you restart the server or apache, it will break.
So you have to manually take care of that part of the configuration. In my case that is by deleting the ssl-config-file and symlink:

rm /etc/apache2/sites-available/DOMAIN-le-ssl.conf
rm /etc/apache2/sites-enabled/DOMAIN-le-ssl.conf

also, edit the non-ssl config file if you are reverting back to non-ssl (which you shouldn’t) removing the following lines:

RewriteEngine on
RewriteCond %{SERVER_NAME} =DOMAIN
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.