Revoking Lets Encrypt Certificate properly Rumi, August 14, 2020 When you want to learn how to revoke Let’s Encrypt SSL/TLS certificates, follow the steps below: Step 1: Validate Certificate file Before you revoke a certificate, you’ll want to validate that the correct certificates and key file you’re revoking.. since there is no reversal.. Once a certificate is revoked, it will never be used again… When you revoke a certificate, the certificate authority publishes that revocation information through the Online Certificate Status Protocol (OCSP), and some browsers will check OCSP to see whether they should trust a certificate… Step 2: Revoke a Certificate for example.com Now that you know the certificate you want to revoke, simply run the command below to revoke a certificate for the domain example.com certbot revoke --cert-path /etc/letsencrypt/live/example.com/cert.pem --key-path /etc/letsencrypt/live/example.com/key.pem Let’s Encrypt typically stores its certificates and corresponding key in the /etc/letsencrypt/live/example.com/ directory… Replacing example.com with the domain name you issued for the certificate… When you run the command above, you’ll also get prompted whether to also remove the directory and folders of the certificate… most cases, you’ll want to type y for yes… Step 3: Uninstall Let’s Encrypt | Certbot If you don’t want to use Let’s Encrypt of Certbot to manage your certificates, you can completely remove or purge the app and packages from your system.. To do that, simply run the commands below: sudo apt update sudo apt purge letsencrypt && sudo apt purge certbot When you run the commands above, you’ll be prompted to confirm that you want to remove listed packages.. Choose yes… Finally, run the commands below to remove Let’s encrypt directories… sudo rm -rf /etc/letsencrypt That should do it! Src: https://websiteforstudents.com/revoking-lets-encrypt-certificates-on-ubuntu-18-04-16-04/ Administrations Configurations (Linux) PKI Letsencrypt