User Tools

Site Tools


linux:certbot_cheatsheet

[CHEATSHEET] Certbot

Show certificates

certbot certificates

One liner of the dead to show all the certificates an file identifier:

/usr/bin/certbot certificates | grep -E "Name|Domains" 2> /dev/null | while read LINE ; do \
  [[ "${LINE}" =~ Certificate\ Name:\ (.*)$ ]] && CERTNAME=${BASH_REMATCH[1]} ; \
  [[ "${LINE}" =~ Domains:\ (.*)$ ]] && DOMAIN_LIST=${BASH_REMATCH[1]} ; \
  if [[ "${DOMAIN_LIST}" ]] ; then echo "####### ${CERTNAME} ->" ; \
  for i in  ${DOMAIN_LIST} ; do \
    echo ${i} ; done | sort  ; \
    DOMAIN_LIST=""; CERTNAME="" ; fi ; done

Add a domain to the chain (expand)

certbot --expand -d ciberterminal.net,site2.ciberterminal.net,NEWSITE.ciberterminal.net

One lire to use with the expand syntax:

/usr/bin/certbot certificates | grep -E "Domains:" 2> /dev/null | awk -F:\  '{print $2}' | tr ' ' ','

Delete a certificate

That is, delete a chain of certificates.

certbot delete

For example:

[root@ciberterminal sites-available]# /usr/bin/certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewal configuration file /etc/letsencrypt/renewal/ciberterminal.net-0001.conf produced an unexpected error: renewal config file {} is missing a required file reference. Skipping.
Renewal configuration file /etc/letsencrypt/renewal/ciberterminal.net-0002.conf produced an unexpected error: renewal config file {} is missing a required file reference. Skipping.
 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: ciberterminal.net-0003
    Serial Number: 4f5806d8f1a2a76940f738e3c190a36c8c5
    Key Type: RSA
    Domains: ciberterminal.net aleasbcn.com anon.ciberterminal.net anonaddy.ciberterminal.net blog.ciberterminal.net cloud.ciberterminal.net collabora.ciberterminal.net cv.ciberterminal.net dokuwiki.ciberterminal.net en.cv.ciberterminal.ne
t es.cv.ciberterminal.net git.ciberterminal.net mattermost.ciberterminal.net nextcloud.ciberterminal.net unsubscribe.ciberterminal.net wiki.ciberterminal.net www.aleasbcn.com www.ciberterminal.net
    Expiry Date: 2022-08-15 22:08:28+00:00 (VALID: 46 days)
    Certificate Path: /etc/letsencrypt/live/ciberterminal.net-0003/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/ciberterminal.net-0003/privkey.pem
  Certificate Name: ciberterminal.net-0004
    Serial Number: 42743f741b9c0f0ea1374fdf13bae3ff91a
    Key Type: RSA
    Domains: ciberterminal.net aleasbcn.com anon.ciberterminal.net anonaddy.ciberterminal.net blog.ciberterminal.net cloud.ciberterminal.net collabora.ciberterminal.net cv.ciberterminal.net dokuwiki.ciberterminal.net en.cv.ciberterminal.ne
t es.cv.ciberterminal.net mattermost.ciberterminal.net nextcloud.ciberterminal.net pass.ciberterminal.net unsubscribe.ciberterminal.net wiki.ciberterminal.net www.aleasbcn.com www.ciberterminal.net
    Expiry Date: 2022-09-10 22:08:00+00:00 (VALID: 72 days)
    Certificate Path: /etc/letsencrypt/live/ciberterminal.net-0004/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/ciberterminal.net-0004/privkey.pem
  Certificate Name: ciberterminal.net
    Serial Number: 491031c011ff9298faa7ac93eace0529b83
    Key Type: RSA
    Domains: ciberterminal.net aleasbcn.com anon.ciberterminal.net anonaddy.ciberterminal.net bibliogram.ciberterminal.net blog.ciberterminal.net cloud.ciberterminal.net collabora.ciberterminal.net cv.ciberterminal.net dokuwiki.cibertermin
al.net en.cv.ciberterminal.net es.cv.ciberterminal.net grocy.ciberterminal.net mattermost.ciberterminal.net nextcloud.ciberterminal.net nitter.ciberterminal.net unsubscribe.ciberterminal.net wiki.ciberterminal.net www.aleasbcn.com www.cibe
rterminal.net
    Expiry Date: 2022-02-09 23:02:32+00:00 (INVALID: EXPIRED)
    Certificate Path: /etc/letsencrypt/live/ciberterminal.net/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/ciberterminal.net/privkey.pem
 
The following renewal configurations were invalid:
  /etc/letsencrypt/renewal/ciberterminal.net-0001.conf
  /etc/letsencrypt/renewal/ciberterminal.net-0002.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[root@ciberterminal sites-available]# certbot delete
Saving debug log to /var/log/letsencrypt/letsencrypt.log
 
Which certificate(s) would you like to delete?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: ciberterminal.net-0001
2: ciberterminal.net-0002
3: ciberterminal.net-0003
4: ciberterminal.net-0004
5: ciberterminal.net
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certificate(s) are selected for deletion:
 
  * ciberterminal.net-0001
 
Are you sure you want to delete the above certificate(s)?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
An unexpected error occurred:
TypeError: coercing to Unicode: need string or buffer, NoneType found
Please see the logfiles in /var/log/letsencrypt for more details.
linux/certbot_cheatsheet.txt · Last modified: 2024/08/01 10:45 by dodger