How to Delete an SSL Certificate with Certbot

Sometimes it is necessary to delete a Let's Encrypt SSL certificates generated by Certbot. You can remove them manually by deleting a few files in the /etc/letsencrypt directory, but this is arduous and leaves the risk of making mistakes.

 

Fortunately, Certbot has built-in functionality for deleting SSL certificates, which we will learn how to use in this tutorial.

 

Deleting a Certificate with Certbot

Run the following command to open the delete menu in Certbot:

 

sudo certbot delete
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which certificate(s) would you like to delete?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: skillsugar.com
2: example.com
3: example2.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):

 

Type the number of the certificate you wish to delete and hit ENTER. To bail out of the operation without making any changes, press C followed by ENTER.

 

Delete by Certificate Name

If you already know the name of the certificate to delete, you can avoid having to use the delete menu by specifying the name of the cert after the --cert-name flag.

 

sudo certbot delete --cert-name skillsugar.com
certbot let's encrypt