1.首先确认你的证书不再需要,如果有必要,请执行下面的命令进行备份
cp /etc/letsencrypt/ /etc/letsencrypt.backup -r
2.撤销证书然后删除证书
[root@localhost certbot-0.34.2]# certbot revoke ####这个是撤销命令,执行这命令下面会报错要让我指定变量位置 Saving debug log to /var/log/letsencrypt/letsencrypt.log Error! Exactly one of --cert-path or --cert-name must be specified! You have new mail in /var/spool/mail/root [root@localhost certbot-0.34.2]# certbot revoke --cert-path /etc/letsencrypt/archive/pazzn.com/c cert1.pem cert2.pem chain1.pem chain2.pem [root@localhost certbot-0.34.2]# certbot revoke --cert-path /etc/letsencrypt/archive/pazzn.com/cert cert1.pem cert2.pem [root@localhost certbot-0.34.2]# certbot revoke --cert-path /etc/letsencrypt/archive/pazzn.com/cert1.pem ###撤销这个cert1.pem证书,一般默认都是我这个位置 Saving debug log to /var/log/letsencrypt/letsencrypt.log Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you like to delete the cert(s) you just revoked, along with all earlier and later versions of the cert? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es (recommended)/(N)o: y ##确定撤销 [root@localhost certbot-0.34.2]# certbot delete ###删除证书 Saving debug log to /var/log/letsencrypt/letsencrypt.log Which certificate(s) would you like to delete? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: pazzn.com-0001 2: pazzn.com-0002 3: pazzn.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Deleted all files relating to certificate pazzn.com-0001. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - You have new mail in /var/spool/mail/root [root@localhost certbot-0.34.2]# certbot delete Saving debug log to /var/log/letsencrypt/letsencrypt.log Which certificate(s) would you like to delete? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: pazzn.com-0002 2: pazzn.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Deleted all files relating to certificate pazzn.com-0002. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [root@localhost certbot-0.34.2]# certbot delete Saving debug log to /var/log/letsencrypt/letsencrypt.log Which certificate(s) would you like to delete? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: pazzn.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Deleted all files relating to certificate pazzn.com. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [root@localhost certbot-0.34.2]# certbot delete ###删除完后再次执行就会说没有证书文件了,根据自己需要删除域名指定证书 Saving debug log to /var/log/letsencrypt/letsencrypt.log No existing certificates found. [root@localhost certbot-0.34.2]# certbot revoke Saving debug log to /var/log/letsencrypt/letsencrypt.log Error! Exactly one of --cert-path or --cert-name must be specified! You have new mail in /var/spool/mail/root
3.弄完证书后还得删除在nginx.conf配置文件中的ssl配置内容,不然没有了证书,一般就报404什么的了,所以一定要删除
删除后记得重启nginx服务,网页就撤销证书了。
[root@localhost ~]# systemctl restart nginx.service
[root@localhost ~]#
最后如图已经撤销:
参考链接:https://www.jesusamieiro.com/remove-revoke-a-domain-in-lets-encrypt/