Revoking certificate while using Automatic HTTPS

1. The problem I’m having:

I have set up an endpoint that authorizes a particular domain for Caddy to issue the certificate for. Now once the certificate is issued, and later we want to disable the domain, what is the right way to do it programmatically?

2. Error messages and/or full log output:

Once the endpoint starts rejecting the domain request, Caddy should stop serving the domain, but I believe since the certificate was already issued, it doesn’t hit the endpoint at all.

You should never need to revoke certificates. That’s not a normal thing to do. Revocations are only done if the certificate was compromised, i.e. the private key was leaked. If you’re just no longer using the domain, just delete the cert/key and move on. That’s all. If you’re having Caddy issue the certs, just… do nothing, Caddy will eventually clean out its own storage of expired certificates.

1 Like
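The "delete the cert/key" step from the reply above, as an added shell example that is not part of the original thread. It assumes Caddy's file-system storage, with each certificate kept under `<storage>/certificates/<issuer>/<domain>/`; the function name `purge_domain` and the storage root you pass in are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): remove the stored certificate and key
# for one domain from Caddy's file-system storage.
# Assumption: files live under <storage>/certificates/<issuer>/<domain>/.

# purge_domain STORAGE_ROOT DOMAIN
# Prints each removed directory. Returns 0 if something was removed,
# 1 if nothing matched, 2 on invalid input.
purge_domain() {
    storage=$1
    domain=$2

    # The domain ends up in a path handed to rm -r, so accept plain host
    # names only: no empty value, slashes, "..", leading dot or dash.
    case $domain in
        ''|.*|-*|*..*|*[!A-Za-z0-9.-]*)
            echo "refusing invalid domain: $domain" >&2
            return 2 ;;
    esac

    [ -d "$storage/certificates" ] || {
        echo "no certificates directory under $storage" >&2
        return 2
    }

    removed=1
    # One sub-directory per issuer; the same domain may exist under several.
    for dir in "$storage"/certificates/*/"$domain"; do
        [ -d "$dir" ] || continue   # glob did not match, or not a directory
        [ -L "$dir" ] && continue   # never follow a symlink out of storage
        rm -r -- "$dir"
        echo "removed $dir"
        removed=0
    done
    return "$removed"
}
```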