Let’s Encrypt Renewal

Yeah yeah, SSL certificates expired like what, a month and a half ago? Anyway, I needed to renew it but it attached a bunch of domains to the certificate on this host and I needed to start over. There are a bunch of options but the most straighforward for me was to just delete everything and start over. So, in the shell:

# cp /etc/letsencrypt /etc/letsencrypt.backup -r
# rm -rf /etc/letsencrypt/live
# rm -rf /etc/letsencrypt/archive
# rm -rf /etc/letsencrypt/renewal/YOURCERTIFICATEDOMAIN.conf
# certbot certonly

At this point it’ll ask you for webroot an’ stuff so just answer the questions and nobody gets hurt. These instructions work for Apache but I’m using NginX, so then you have to edit the configuration for the site(s) in /etc/nginx/sites-available/. There will be a couple lines going like:

ssl_certificate /etc/letsencrypt/live/OLDCERTIFICATEDOMAIN/fullchain.pem; # managed by Certbot
ssl_certificate /etc/letsencrypt/archive/OLDCERTIFICATEDOMAIN/fullchain.pem; # managed by Certbot

Just update them to point to the most current certification location, then restart NginX with service nginx restart



Leave a Reply

Your email address will not be published. Required fields are marked *