Avoid Migration Toolkit to copy /etc/letsencrypt certificates when unnecessary

Hi all,
I'm trying to use the Migration Toolkit.
My scenario is:

• source server with a number of email and web domains (i.e., A, B, C, D, E, F)
• target server where I want to migrate SOME of such email and web domains (i.e., A, B only)
• Both server run certbot for "historical" reasons: I didn't even try to migrate to acme.sh to avoid problems, as suggested in several threads in this forum.

I tried to migrate two websites A and B and one mail domain to the target server with the --only-xxxxx flags; it worked BUT... I found in the /etc/letsencrypt folder on target server all Letsencrypt certificates copied from the source server, including those of the non-migrated domains (C, D, E, F).
This behavior left letsencrypt/certbot on target server in erroneous state: for example, running

Code:

certbot renew

fails for all certificates that were copied for non-migrated domains (C, D, E, F). I had to manually remove all non-relevant certificates from "live", "archive" and "renewal" subfolders of /etc/letsencrypt. Tedious and error prone.

Moreover, it could be much worse if, during this process, existing files in /etc/letsencrypt on target server would be overwritten (aren't they, right?).

Looking in the log, it seems that all letsencrypt certificates are copied as a whole in a single step with rsync:

The question is:
Is there any command-line option to limit migration only to relevant letsencrypt certificates to the target server?

Thank you
Aldo

 

Thank for your answer Th0m.
Not that elegant, but if there is no other way...
Kind regards
Aldo

 

Thank you Till.
Kind regards
Aldo

 

small question can this way be used to go from a certbot based server to a new clean acme based server?

 

Thank you very good option