1.首先確認你的證書不再需要,如果有必要,請執行下面的命令進行備份
cp /etc/letsencrypt/ /etc/letsencrypt.backup -r
2.撤銷證書然后刪除證書
[root@localhost certbot-0.34.2]# certbot revoke ####這個是撤銷命令,執行這命令下面會報錯要讓我指定變量位置 Saving debug log to /var/log/letsencrypt/letsencrypt.log Error! Exactly one of --cert-path or --cert-name must be specified! You have new mail in /var/spool/mail/root [root@localhost certbot-0.34.2]# certbot revoke --cert-path /etc/letsencrypt/archive/pazzn.com/c cert1.pem cert2.pem chain1.pem chain2.pem [root@localhost certbot-0.34.2]# certbot revoke --cert-path /etc/letsencrypt/archive/pazzn.com/cert cert1.pem cert2.pem [root@localhost certbot-0.34.2]# certbot revoke --cert-path /etc/letsencrypt/archive/pazzn.com/cert1.pem ###撤銷這個cert1.pem證書,一般默認都是我這個位置 Saving debug log to /var/log/letsencrypt/letsencrypt.log Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you like to delete the cert(s) you just revoked, along with all earlier and later versions of the cert? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es (recommended)/(N)o: y ##確定撤銷 [root@localhost certbot-0.34.2]# certbot delete ###刪除證書 Saving debug log to /var/log/letsencrypt/letsencrypt.log Which certificate(s) would you like to delete? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: pazzn.com-0001 2: pazzn.com-0002 3: pazzn.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Deleted all files relating to certificate pazzn.com-0001. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - You have new mail in /var/spool/mail/root [root@localhost certbot-0.34.2]# certbot delete Saving debug log to /var/log/letsencrypt/letsencrypt.log Which certificate(s) would you like to delete? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: pazzn.com-0002 2: pazzn.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Deleted all files relating to certificate pazzn.com-0002. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [root@localhost certbot-0.34.2]# certbot delete Saving debug log to /var/log/letsencrypt/letsencrypt.log Which certificate(s) would you like to delete? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: pazzn.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate numbers separated by commas and/or spaces, or leave input blank to select all options shown (Enter 'c' to cancel): 1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Deleted all files relating to certificate pazzn.com. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [root@localhost certbot-0.34.2]# certbot delete ###刪除完后再次執行就會說沒有證書文件了,根據自己需要刪除域名指定證書 Saving debug log to /var/log/letsencrypt/letsencrypt.log No existing certificates found. [root@localhost certbot-0.34.2]# certbot revoke Saving debug log to /var/log/letsencrypt/letsencrypt.log Error! Exactly one of --cert-path or --cert-name must be specified! You have new mail in /var/spool/mail/root
3.弄完證書后還得刪除在nginx.conf配置文件中的ssl配置內容,不然沒有了證書,一般就報404什么的了,所以一定要刪除
刪除后記得重啟nginx服務,網頁就撤銷證書了。
[root@localhost ~]# systemctl restart nginx.service
[root@localhost ~]#
最后如圖已經撤銷:
參考鏈接:https://www.jesusamieiro.com/remove-revoke-a-domain-in-lets-encrypt/