Certbot is a free and open-source software tool used for managing the Let’s Encrypt certificates. This tool allows users to issue certificates in a single command and also configure the web servers.

The default certbot stores all the client certificates under the below-mentioned directories. We are not recommending you delete files manually. In this tutorial, we will discuss deleting unused SSL certificates using the Certbot command line.

  • /etc/letsencrypt/live
  • /etc/letsencrypt/renewal
  • /etc/letsencrypt/archive

Delete a Let’s Encrypt SSL Certificate

The Certbot also provides you an option to delete certificates automatically for you. To delete an SSL certificate, run the following command.

sudo certbot delete 

This command will show you an index from which you can select the domain name to delete the associated certificate. Just type the index number of the domain name, that you want to delete and hit enter. The issued certificate including other associated files will be deleted.

Deleting Let's Encrypt Certificate using Certbot
Deleting Let’s Encrypt certificate using certbot

You can also specify the domain name with the certbot command as below. This could be helpful if the domain name does not appear in the index list.

sudo certbot delete --cert-name example.com

That’s it.

Conclusion

This tutorial helped you to delete a Let’s Encrypt SSL certificate using certbot command-line tool.