Let’s Encrypt 証明書の失効・削除

Let’s Encrypt の証明書の再発行等で不要な証明書ができてしまった場合に、証明書の失効&削除の方法。

削除する証明書の確認

sudo certbot certificates

で証明書の一覧を表示して、証明書についている名前を確認する。

失効 & 削除

revoke コマンドで失効をするのだが、そのまま削除するかも確認されるため、一連の流れで失効・削除ができる。

sudo certbot revoke --cert-name <証明書名>
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you like to delete the certificate(s) you just revoked, along with all
earlier and later versions of the certificate?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es (recommended)/(N)o: Y

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certificate(s) are selected for deletion:



WARNING: Before continuing, ensure that the listed certificates are not being
used by any installed server software (e.g. Apache, nginx, mail servers).
Deleting a certificate that is still being used will cause the server software
to stop working. See https://certbot.org/deleting-certs for information on
deleting certificates safely.

Are you sure you want to delete the above certificate(s)?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Deleted all files relating to certificate xxxxxxx.
Congratulations! You have successfully revoked the certificate that was located at /etc/letsencrypt/live/xxxxxxxx/cert.pem.

<公式サイト>
ユーザーガイド — Certbot 2.7.0.dev0 ドキュメント (eff-certbot.readthedocs.io)

コメント

タイトルとURLをコピーしました