Certbot Remove a Domain Name from SSL Certficate

On a server, I have an SSL certificate with 2 domains (doaminA.com and domainB.com)

root@Tombe:~# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: doaminA.com
    Domains: doaminA.com www.doaminA.com domainB.com
    Expiry Date: 2022-08-18 11:06:35+00:00 (VALID: 6 days)
    Certificate Path: /etc/letsencrypt/live/doaminA.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/doaminA.com/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
root@Tombe:~# 

domainB.com no longer pointed to this server, so the SSL auto-renewal failed because certbot can’t verify the domain name domainB.com

To fix the problem, run certbot without domainB.com

certbot --cert-name domainA.com -d domainA.com -d www.doaminA.com

This will remove domainB.com from the domainA.com SSL certificate.

Example

root@Tombe:~# certbot --cert-name domainA.com -d domainA.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
You are updating certificate domainA.com to include new domain(s):
(None)

You are also removing previously included domain(s):
- domainB.com

Did you intend to make this change?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(U)pdate cert/(C)ancel: U
Renewing an existing certificate

See Letsencrypt

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *