Let’s Encrypt/Certbot移除/remove/revoke不需要的域名证书
<p> </p><p>1.首先确认你的证书不再需要,如果有必要,请执行下面的命令进行备份</p>
<div class="cnblogs_code">
<pre>cp /etc/letsencrypt/ /etc/letsencrypt.backup -r</pre>
</div>
<p>2.撤销证书然后删除证书</p>
<div class="cnblogs_code">
<pre># <span style="color: rgba(51, 153, 102, 1)">certbot revoke ####这个是撤销命令,执行这命令下面会报错要让我指定变量位置</span>
Saving debug log to </span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/log/letsencrypt/<span style="color: rgba(0, 0, 0, 1)">letsencrypt.log
Error</span>! Exactly one of --cert-path or --cert-name must be specified!<span style="color: rgba(0, 0, 0, 1)">
You have </span><span style="color: rgba(0, 0, 255, 1)">new</span> mail <span style="color: rgba(0, 0, 255, 1)">in</span> /<span style="color: rgba(0, 0, 255, 1)">var</span>/spool/mail/<span style="color: rgba(0, 0, 0, 1)">root
# certbot revoke --cert-path /etc/letsencrypt/archive/pazzn.com/<span style="color: rgba(0, 0, 0, 1)">c
cert1.pem cert2.pem chain1.pemchain2.pem
# certbot revoke --cert-path /etc/letsencrypt/archive/pazzn.com/<span style="color: rgba(0, 0, 0, 1)">cert
cert1.pemcert2.pem
# <span style="color: rgba(51, 153, 102, 1)">certbot revoke --cert-path /etc/letsencrypt/archive/pazzn.com/</span><span style="color: rgba(0, 0, 0, 1)"><span style="color: rgba(51, 153, 102, 1)">cert1.pem###撤销这个cert1.pem证书,一般默认都是我这个位置</span>
Saving debug log to </span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/log/letsencrypt/<span style="color: rgba(0, 0, 0, 1)">letsencrypt.log
Starting </span><span style="color: rgba(0, 0, 255, 1)">new</span> HTTPS connection (<span style="color: rgba(128, 0, 128, 1)">1</span>): acme-<span style="color: rgba(0, 0, 0, 1)">v02.api.letsencrypt.org
</span>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
Would you like to delete the cert(s) you just revoked, along with all earlier
and later versions of the cert</span>?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
(Y)es (recommended)</span>/<span style="color: rgba(0, 0, 0, 1)">(N)o: <span style="color: rgba(51, 153, 102, 1)">y##确定撤销</span></span><span style="color: rgba(0, 0, 0, 1)">
#<span style="color: rgba(51, 153, 102, 1)"> certbot delete ###删除证书</span>
Saving debug log to </span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/log/letsencrypt/<span style="color: rgba(0, 0, 0, 1)">letsencrypt.log
Which certificate(s) would you like to delete</span>?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
<span style="color: rgba(128, 0, 128, 1)">1</span>: pazzn.com-<span style="color: rgba(128, 0, 128, 1)">0001</span>
<span style="color: rgba(128, 0, 128, 1)">2</span>: pazzn.com-<span style="color: rgba(128, 0, 128, 1)">0002</span>
<span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)">: pazzn.com
</span>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
Select the appropriate numbers separated by commas and</span>/<span style="color: rgba(0, 0, 0, 1)">or spaces, or leave input
blank to </span><span style="color: rgba(0, 0, 255, 1)">select</span> all options shown (Enter <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">c</span><span style="color: rgba(128, 0, 0, 1)">'</span> to cancel): <span style="color: rgba(255, 0, 0, 1)">1</span>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
Deleted all files relating to certificate pazzn.com</span>-<span style="color: rgba(128, 0, 128, 1)">0001</span><span style="color: rgba(0, 0, 0, 1)">.
</span>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
You have </span><span style="color: rgba(0, 0, 255, 1)">new</span> mail <span style="color: rgba(0, 0, 255, 1)">in</span> /<span style="color: rgba(0, 0, 255, 1)">var</span>/spool/mail/<span style="color: rgba(0, 0, 0, 1)">root
# certbot delete
Saving debug log to </span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/log/letsencrypt/<span style="color: rgba(0, 0, 0, 1)">letsencrypt.log
Which certificate(s) would you like to delete</span>?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
<span style="color: rgba(128, 0, 128, 1)">1</span>: pazzn.com-<span style="color: rgba(128, 0, 128, 1)">0002</span>
<span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">: pazzn.com
</span>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
Select the appropriate numbers separated by commas and</span>/<span style="color: rgba(0, 0, 0, 1)">or spaces, or leave input
blank to </span><span style="color: rgba(0, 0, 255, 1)">select</span> all options shown (Enter <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">c</span><span style="color: rgba(128, 0, 0, 1)">'</span> to cancel): <span style="color: rgba(255, 0, 0, 1)">1</span>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
Deleted all files relating to certificate pazzn.com</span>-<span style="color: rgba(128, 0, 128, 1)">0002</span><span style="color: rgba(0, 0, 0, 1)">.
</span>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
# certbot delete
Saving debug log to </span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/log/letsencrypt/<span style="color: rgba(0, 0, 0, 1)">letsencrypt.log
Which certificate(s) would you like to delete</span>?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">: pazzn.com
</span>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
Select the appropriate numbers separated by commas and</span>/<span style="color: rgba(0, 0, 0, 1)">or spaces, or leave input
blank to </span><span style="color: rgba(0, 0, 255, 1)">select</span> all options shown (Enter <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">c</span><span style="color: rgba(128, 0, 0, 1)">'</span> to cancel): <span style="color: rgba(255, 0, 0, 1)">1</span>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
Deleted all files relating to certificate pazzn.com.
</span>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<span style="color: rgba(0, 0, 0, 1)">
#<span style="color: rgba(51, 153, 102, 1)"> certbot delete ###删除完后再次执行就会说没有证书文件了,根据自己需要删除域名指定证书</span>
Saving debug log to </span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/log/letsencrypt/<span style="color: rgba(0, 0, 0, 1)">letsencrypt.log
No existing certificates found.
# certbot revoke
Saving debug log to </span>/<span style="color: rgba(0, 0, 255, 1)">var</span>/log/letsencrypt/<span style="color: rgba(0, 0, 0, 1)">letsencrypt.log
Error</span>! Exactly one of --cert-path or --cert-name must be specified!<span style="color: rgba(0, 0, 0, 1)">
You have </span><span style="color: rgba(0, 0, 255, 1)">new</span> mail <span style="color: rgba(0, 0, 255, 1)">in</span> /<span style="color: rgba(0, 0, 255, 1)">var</span>/spool/mail/root</pre>
</div>
<p> 3.弄完证书后还得删除在nginx.conf配置文件中的ssl配置内容,不然没有了证书,一般就报404什么的了,所以一定要删除</p>
<p><img src="https://img2018.cnblogs.com/blog/1294418/201906/1294418-20190626153408901-1115801493.png" alt=""></p>
<p>删除后记得重启nginx服务,网页就撤销证书了。</p>
<div class="cnblogs_code">
<pre># systemctl restart nginx.service
# </pre>
</div>
<p>最后如图已经撤销:</p>
<p><img src="https://img2018.cnblogs.com/blog/1294418/201906/1294418-20190626153600560-646384280.png" alt=""></p>
<p> </p>
<p>参考链接:https://www.jesusamieiro.com/remove-revoke-a-domain-in-lets-encrypt/</p>
</div>
<div id="MySignature" role="contentinfo">
专业从事搬砖多年,还是在继续搬砖中,厚积薄发~<br><br>
来源:https://www.cnblogs.com/Crazy-Liu/p/11090116.html
頁:
[1]