Clean up /var/www/*/ssl ?

I'm sorry if I've missed other notes about this, it's tough to search on this topic.

In April I migrated a system from 3.1 to 3.2.
/var/www/sitename/ssl folders have a lot of old backups and invalid .pem links from ISPConfig v3.1/3.2.
Is there anything wrong with archiving or deleting these?
Is it correct that the ssl folders in 3.2.12-3.3 should now only have the current .crt and .key files for each domain and subdomain?

The backup files domain-le.cert.old.year files are no longer being generated. I don't know if this is/was a function of ISPConfig or Acme. Is that a bug? Should we care about prior certs once they are replaced? (I don't think so)

Thanks!

 

ROFL : Ooops: I see in the 3.3 release notes:

> Auto Cleanup of Certificates: Old certificates will be automatically removed, reducing clutter and keeping your certificate storage organized.

So an update to 3.3 will clean all of that junk out of the ssl folders?

 

SSL backups in /var/www/sitename/ssl folders don't exist anymore for many years.
My last where from april 2021.
Also they don't serve any purpose. Expired certificates are useless.
Both letsencrypt/certbot and acme.sh keep their own backups.
The latest/current certificates are symlinked to the site's ssl folder if you're using letsencrypt/certbot or copied to the site's ssl folder if you're using acme.sh.

 

Thanks for that confirmation. I was running 3.2.1 until this year. I think my most recent ssl file backups are from 12/2023.
I'll delete those old backups (easily in backup archives if ever needed but I'm sure they won't be) and will look for responses to my other questions in my other thread from today. I'm using acme.sh so will expect these files to contain only .crt and .key files. (I don't think there should be .pem files.)
Thanks.

 

Related to old files, I just created
https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6913
"/var/www/*/ssl symlinks not removed after migration"