Hi, I noticed that sometimes LE configs linger after deleting or inactivating sites. Letsencrypt log still displays daily renewal attempts (unauthorised). What's the recommended way to remove LE config to prevent renewal attempts on deleted or otherwise defunct sites?
Currently, you'll have to use certbot delete command (if you are using certbot). There is a feature request to remove old certs automatically in the issue tracker already.
Hi, can you give me an example syntax? Also what could be the reason that Let's Encrypt sometimes gets unclicked on some sites. Seen this happen on different servers recently. I don't think it's the x3 root cert debacle but not entirely sure.
Code:
certbot delete --cert-name mydomain.tld

Please see Let's Encrypt error FAQ: https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/
Thank you for the info. One more question regarding LE. Didn't see it in your FAQ. For some reason the Let's Encrypt chains report wrong cert. Example (I'm working on fixing it so if it's presenting as right then I solved the issue): https://whatsmychaincert.com/?www.ojas.se What could be the issue with a cert from LE that isn't expiring until January presenting wrong chain? Site works fine on Android and most browsers. But iPhone is having issues visiting it.
Is the wrong certificate shown on all browsers or only on iPhone? Does your browser show the intended website and the certificate is for that website? Did you examine the certificate in browser? In what way is the chain wrong?
Works fine in desktop browser. iPhones seem to get issues with the cert. Only thing I can see erroneous is the chain. See test link above. When chains are wrong usually Apple devices get issues.
Is the issue the recent infamous root certificate expiry that some browsers can not deal with? There was discussion recently on this forum and elsewhere. And on LE website.
Maybe you have the expired root-cert still on your server? You can try:
Code:
sed -i "s/^mozilla\/DST_Root_CA_X3\.crt/\!mozilla\/DST_Root_CA_X3\.crt/g" /etc/ca-certificates.conf
update-ca-certificates
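A way to check the state of that entry and preview the edit on a copy before touching the system trust store. This is an added example, not part of the post above. The function names and the sample file are constructed, and it relies on the documented `/etc/ca-certificates.conf` convention that a leading `!` deselects a certificate.

```shell
#!/bin/sh
# Added example: inspect a ca-certificates.conf for the expired DST Root CA X3
# entry and preview the deselect edit on a temporary copy.
ENTRY='mozilla/DST_Root_CA_X3.crt'

# Print "enabled", "disabled" or "absent" for the entry in file $1.
dst_x3_state() {
    if grep -qxF "$ENTRY" "$1"; then
        echo enabled
    elif grep -qxF '!'"$ENTRY" "$1"; then
        echo disabled
    else
        echo absent
    fi
}

# Apply a substitution equivalent to the one in the post to a copy of $1
# and print the path of the copy; the original file is left untouched.
preview_disable() {
    copy=$(mktemp)
    sed 's/^mozilla\/DST_Root_CA_X3\.crt$/!&/' "$1" > "$copy"
    echo "$copy"
}

# Build a small constructed sample file (not a real system configuration).
make_sample() {
    sample=$(mktemp)
    printf '%s\n' \
        '# constructed sample for illustration' \
        'mozilla/DigiCert_Global_Root_CA.crt' \
        'mozilla/DST_Root_CA_X3.crt' \
        'mozilla/ISRG_Root_X1.crt' > "$sample"
    echo "$sample"
}

# Use the file given as first argument, otherwise the constructed sample.
if [ -n "${1:-}" ]; then
    conf=$1
else
    conf=$(make_sample)
fi
echo "before: $(dst_x3_state "$conf")"
preview=$(preview_disable "$conf")
echo "after (copy only): $(dst_x3_state "$preview")"
rm -f "$preview"
[ -n "${1:-}" ] || rm -f "$conf"
```

Run it with `/etc/ca-certificates.conf` as the argument to check a real server; only the temporary copy is modified.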