Как удалить ssl сертификат с сайта ubuntu
Перейти к содержимому

Как удалить ssl сертификат с сайта ubuntu

  • автор:

How to Delete a Let’s Encrypt Certificate using Certbot

Certbot is a free and open-source software tool used for managing the Let’s Encrypt certificates. This tool allows users to issue certificates in a single command and also configure the web servers.

The default certbot stores all the client certificates under the below-mentioned directories. We are not recommending you delete files manually. In this tutorial, we will discuss deleting unused SSL certificates using the Certbot command line.

  • /etc/letsencrypt/live
  • /etc/letsencrypt/renewal
  • /etc/letsencrypt/archive

Delete a Let’s Encrypt SSL Certificate

The Certbot also provides you an option to delete certificates automatically for you. To delete an SSL certificate, run the following command.

sudo certbot delete 

This command will show you an index from which you can select the domain name to delete the associated certificate. Just type the index number of the domain name, that you want to delete and hit enter. The issued certificate including other associated files will be deleted.

Deleting Let's Encrypt Certificate using Certbot

You can also specify the domain name with the certbot command as below. This could be helpful if the domain name does not appear in the index list.

sudo certbot delete --cert-name example.com 

Conclusion

This tutorial helped you to delete a Let’s Encrypt SSL certificate using certbot command-line tool.

zoharbabin / certbotresetcert.sh

This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters

certbot certificates
# find the path to the fullchain certificate you wish to reinstall
certbot revoke —cert-path /etc/letsencrypt/live/. # path to the cert from above
certbot delete —cert-name yourdomain.com
rm -Rf /etc/apache2/sites-available/000-default-le-ssl.conf # or whatever the name of the apache conf you had it configured on
rm -Rf 000-default-le-ssl.conf # or whatever the name of the apache conf you had it configured on
sudo apache2ctl restart
certbot # follow the guide to setup the new certificate

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

how to remove or revoke openssl self signed certificates

i haven’t added ssl certificate info, in to my apache default file in : site-enabled config folder but after an apache restart it took effect and i am able get https connection, but with a warning. now i want to remove those self signed certificate. is that possible ? i tried to revoke those certificates with this command — openssl ca -config /root/tls/openssl.cnf -revoke /certs/server-1.crt but the above command didnt work . i am currently very new to ssl certificate generation. any help is appreciated.

Certbot Remove Certificate

Sometimes, there might be a need to remove a certificate managed by Certbot. Perhaps, you no longer need the certificate, or you want to replace it with a new one or you are getting the error “Nginx 403 Forbidden” while opening your website after installing the SSL certificate. Whatever the reason may be, removing a certificate from Certbot is a straightforward process.

In this article, we will discuss how to remove a certificate managed by Certbot in a step-by-step manner.

Table of Contents

Secure Socket Layer (SSL) certificates are an essential part of any website that wants to ensure secure communication with its users. Certbot is a widely used tool for managing SSL certificates on Linux servers.

It is an open-source tool that automates the process of obtaining, renewing, and revoking SSL certificates.

Steps to Remove Certbot Certificate

For this tutorial, we are using CentOS 8, but you can use this method for any Linux distribution, such as Red Hat Linux, Ubuntu, etc.

1. Certbot List All Certificates

The first step is to list all the certificates managed by Certbot. To do this, open a terminal or command prompt window on your server and run the following command:

sudo certbot certificates

Below is the sample output of the command.

[opc@cent8 ~]$ sudo certbot certificates Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Found the following certs: Certificate Name: yourwebsite.com Serial Number: 3026908a2adacbd3a3fd8584b99b7878965 Key Type: RSA Domains: yourwebsite.com www.yourwebsite.com Expiry Date: 2023-05-10 00:55:09+00:00 (VALID: 89 days) Certificate Path: /etc/letsencrypt/live/yourwebsite.com/fullchain.pem Private Key Path: /etc/letsencrypt/live/yourwebsite.com/privkey.pem 

2. Identify the Certificate

Identify the certificate you want to remove from the list. The certificate’s name is listed in the “Certificate Name” column as shown in the above output. Note down the certificate’s name for the next step.

3. Remove the Certificate

To remove a certificate, use the Certbot command-line tool with the delete subcommand followed by the name of the certificate.

For example, to delete a certificate with the name yourwebsite.com, run the following command:

sudo certbot delete --cert-name yourwebsite.com

Below is the sample output of the command.

[opc@cent8 ~]$ sudo certbot delete --cert-name yourwebsite.com Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The following certificate(s) are selected for deletion: * yourwebsite.com WARNING: Before continuing, ensure that the listed certificates are not being used by any installed server software (e.g. Apache, nginx, mail servers). Deleting a certificate that is still being used will cause the server software to stop working. See https://certbot.org/deleting-certs for information on deleting certificates safely. Are you sure you want to delete the above certificate(s)? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: (Y)es/(N)o: (Y)es/(N)o: y Deleted all files relating to certificate yourwebsite.com.

4. Check for Any References

After removing the SSL certificate, check for any references to it in your server’s configuration files. If you have other services running on your server that use the same certificate, such as Nginx or Apache, you may need to update their configuration files to remove the references to the deleted certificate.

Below is the output from a website configuration file, which you will need to update after removing the SSL certificate using the Certbot command.

5. Verify web server

Once you have removed the SSL certificate entry from your website configuration, make sure to verify your webserver configuration.

For Nginx, you can run “nginx -t” and for Apache, you can run “apachectl configtest

$sudo nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful

6. Restart or reload your webserver

Once you have verified the configuration of your web server, now it’s time to restart or reload your webserver.

You can run the below commands depending upon your webserver.

# For restarting Nginx $ sudo systemctl restart nginx # For restarting Apache server on CentOs and Ubuntu $ sudo systemctl restart httpd $ sudo systemctl restart apache2
# For reloading Nginx Server $ sudo systemctl reload nginx # For reloading Apache Server on CentOs and Ubuntu $ sudo systemctl reload httpd $ sudo systemctl reload apache2
Conclusion

This is how you can remove the SSL certificate managed by Certbot with just a few commands. We hope you like this article “Certbot Remove Certificate”.

In case of any questions or concerns, please let us know through comments.

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *