Removing certifications from your certbot

Core

So I recently was upgrading certificates on my web server, when one of the sites reported an error:

 - The following errors were reported by the server:

   Domain: xn--skulsvettvangurinn-nub8rmk.is
   Type:   connection
   Detail: Connection refused

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

The problem I was dealing with was that this domain was a part of four other domains in the cert, and only this one was not responding (for reasons I don't fully understand). 

Anywho, I needed to remove the cert from the chain, so at least the other domains would respond,  but it took me a while to find that answer, which was buried deep within the wilderness of the internet.

In order to remove (or add) a domain to a cert you need to run the certbot command again, with the --cert-name parameter, the domain name and then all the domains that need to remain in the chain plus the one being added. Like this:

certbot --cert-name xxxx.org -d xxxx.org -d aaaaa.org

Now the certbot will let me know what domains are going to be added and which will be removed.

Add new comment

About text formats

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.