Let's Encrypt renewal fails for disabled websites

Discussion in 'ISPConfig 3 Priority Support' started by Jemt, May 23, 2024.

  1. Jemt

    Jemt Member HowtoForge Supporter

    Hi,

    I realized that a lot of errors were being emitted to /var/log/letsencrypt/letsencrypt.log, and it turned out that most of them were related to renewal of SSL certificates for disabled websites, where we have also removed DNS. We keep the sites in ISPConfig in case we want them back some day. Is that by design - that disabled websites are still having SSL certificates renewed?

    Yesterday I went through all disabled websites and removed both the SSL flags in the configuration, but attempts to renew the certificates are still being made nightly - why? Perhaps disabling SSL doesn't work when the website is disabled (?). I would probably consider that a bug, if that's the case.

    I fear Let's Encrypt will eventually ban our server if this continues. How can I fix it? Can I remove `/etc/letsencrypt/renewal/<domain.tld>.conf` for all disabled websites without breaking them, if we want to some day bring them back? What else do I need to remove to avoid leaving behind garbage?

    Re-enabling all websites and their Let's Encrypt certificates to subsequently disable Let's Encrypt again is not an option as I no longer have control over most of the domains.

    -- Thanks in advance
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Better use the certbot delete command to cleanly remove the certs. ISPConfig should try to reissue the cert when the site gets activated. If this does not work, then deactivating LE in the site, saving and activating it again should bring back the cert.
     
  3. Jemt

    Jemt Member HowtoForge Supporter

    Hi @till

    Thank you for replying back so quickly. I did as you suggested, and everything is now working again. Thanks :)
     
    till likes this.
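
The cleanup till describes, as an added example that is not part of the thread or of ISPConfig: a dry-run shell helper that prints a `certbot delete` command for each renewal config whose certificate name matches a disabled site. The file of disabled domains and the `.example` names are assumptions constructed here; how that list is exported from ISPConfig is left to the admin.

```shell
#!/bin/sh
# Added example (not from the thread). Dry run only: prints commands, runs none.
# Assumption: disabled domains are supplied one per line in a text file.

# list_stale_lineages RENEWAL_DIR DISABLED_FILE
# Prints the certificate name (renewal file name without .conf) of every
# lineage that exactly matches a line in DISABLED_FILE.
list_stale_lineages() (
    renewal_dir=$1
    disabled_file=$2
    for conf in "$renewal_dir"/*.conf; do
        [ -e "$conf" ] || continue      # glob did not match: no lineages
        name=$(basename "$conf" .conf)
        # -x whole line, -F literal: "old.example" must not match "myold.example"
        if grep -qxF -- "$name" "$disabled_file"; then
            printf '%s\n' "$name"
        fi
    done
)

# plan_deletes RENEWAL_DIR DISABLED_FILE
# Prints one "certbot delete" command per stale lineage for review.
plan_deletes() (
    list_stale_lineages "$1" "$2" | while IFS= read -r name; do
        printf 'certbot delete --cert-name %s\n' "$name"
    done
)

# Demo on constructed data in a temp dir; on a real host RENEWAL_DIR would be
# /etc/letsencrypt/renewal.
demo() (
    tmp=$(mktemp -d)
    mkdir "$tmp/renewal"
    touch "$tmp/renewal/old-site.example.conf" \
          "$tmp/renewal/live-site.example.conf"
    printf 'old-site.example\ngone.example\n' > "$tmp/disabled.txt"
    plan_deletes "$tmp/renewal" "$tmp/disabled.txt"
    rm -rf "$tmp"
)

demo
```

Certbot names a lineage after its renewal file, and repeat issuances can carry a suffix such as `-0001`, which this exact match will not catch. Compare the printed names against `certbot certificates` before running anything.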
