Certbot Cheat Sheet

Some things I do frequently ...

Establish a New Certificate

I am normally establishing certificates on web sites under Apache httpd, so this is how I do it:

certbot --apache --redirect -d example.com,www.example.com

or

certbot --apache --no-redirect -d example.com,www.example.com

Annoyingly, this adds a new file with a VirtualHost entry for the secure site, instead of adding it to the existing file. To keep things organized, I end up having to combine the two files manually. I know it knows how to modify an existing file, because it does so for the redirect. I wish I could find an option to tell it to just put it all in the same file.

Delete a Certificate

I assume this tells Letsencrypt about the deletion, so it won't send me email reminding me to renew it.

sudo certbot delete --cert-name example.com

It doesn't do anything to the httpd configuration. You'll have to remove that yourself (which is certainly for the best).