Home  »  ArticlesGuidesHow ToTechnology   »   The Correct Way to Delete a Certbot (Let’s Encrypt) Certificate from Ubuntu

The Correct Way to Delete a Certbot (Let’s Encrypt) Certificate from Ubuntu

Let’s Encrypt, a free and open certificate authority, has made it incredibly easy to secure your websites with SSL/TLS certificates. Certbot, a popular ACME (Automated Certificate Management Environment) client, simplifies the process of obtaining and renewing Let’s Encrypt certificates. However, there might come a time when you need to remove a certificate, whether it’s because the domain is no longer in use or you’ve encountered issues. In this guide, we’ll walk you through the correct and safe way to delete a Certbot certificate from your Ubuntu server.

1. Verify Your Certificates

Before deleting any certificate, it’s crucial to confirm which certificates are currently installed on your server. You can list your certificates using the certbot command. Open your terminal and run the following command:

$ sudo certbot certificates

This command will provide you with a list of the certificates you have obtained, including their domains and expiration dates. Make a note of the certificate you want to delete.

2. Delete the Certificate

To delete a Certbot certificate, you should use the certbot delete command followed by the certificate name or domain you want to remove. Replace your-certificate-name with the actual name or domain associated with the certificate you want to delete:

$ sudo certbot delete --cert-name your-certificate-name

For example, if you have a certificate associated with the domain “example.com,” the command would be:

$ sudo certbot delete --cert-name example.com

3. Confirm the Deletion

After running the deletion command, Certbot will ask for confirmation. Review the information carefully, as you cannot undo this action. Type ‘y’ and press Enter to confirm the deletion.

Are you sure you want to delete the certificate(s)? (y/N)

4. Remove Apache or Nginx Configuration

Deleting the certificate using Certbot removes the certificate files, but it doesn’t automatically remove the configuration for the domain in your web server (e.g., Apache or Nginx). You should also remove the related configuration files.

For Apache, you can use the a2dissite command to disable the site configuration:

$ sudo a2dissite your-certificate-name

Then, reload Apache to apply the changes:

$ sudo systemctl reload apache2

For Nginx, remove the symbolic link from the sites-enabled directory:

$ sudo rm /etc/nginx/sites-enabled/your-certificate-name

After removing the configuration, reload Nginx:

$ sudo systemctl reload nginx

5. Test Your Configuration

Finally, after deleting the certificate and its associated configuration, it’s essential to test your web server’s configuration to ensure there are no issues. Use the following command to check the configuration syntax for Apache:

$ sudo apachectl configtest

For Nginx, use:

$ sudo nginx -t

Both commands should return a message indicating that the configuration is okay. If there are any issues, make the necessary adjustments to your web server’s configuration files.


Deleting a Certbot (Let’s Encrypt) certificate from your Ubuntu server is a straightforward process when done correctly. It involves using the certbot delete command to remove the certificate and then cleaning up the web server configuration, if needed. It’s crucial to verify your certificates, confirm the deletion, and carefully remove any associated server configuration to prevent issues.

By following these steps, you can maintain your server’s SSL/TLS certificates efficiently and keep your web server configurations in a clean and organized state. Always exercise caution when removing certificates, as mistakes in this process can lead to security or service issues on your server.

Found this article interesting? Follow Brightwhiz on Facebook, Twitter, and YouTube to read and watch more content we post.

Available under:
Articles, Guides, How To, Technology