Tools for managing certificates.

Update the certificate file family symlinks to use archive_dir.

Use the information in the config file to make symlinks point to the correct archive directory.


This assumes that the installation is using a Reverter object.

Parameters:config (certbot.configuration.NamespaceConfig) – Configuration.

Rename the specified lineage to the new name.

Parameters:config (certbot.configuration.NamespaceConfig) – Configuration.

Display information about certs configured with Certbot

Parameters:config (certbot.configuration.NamespaceConfig) – Configuration.

Delete Certbot files associated with a certificate lineage.

certbot.cert_manager.lineage_for_certname(cli_config, certname)[source]

Find a lineage object with name certname.

certbot.cert_manager.domains_for_certname(config, certname)[source]

Find the domains in the cert with name certname.

certbot.cert_manager.find_duplicative_certs(config, domains)[source]

Find existing certs that duplicate the request.

certbot.cert_manager._archive_files(candidate_lineage, filetype)[source]

In order to match things like: /etc/letsencrypt/archive/example.com/chain1.pem.

Anonymous functions which call this function are eventually passed (in a list) to match_and_check_overlaps to help specify the acceptable_matches.

  • candidate_lineage (storage.RenewableCert) – Lineage whose archive dir is to be searched.
  • filetype (str) – main file name prefix e.g. “fullchain” or “chain”.

Files in candidate_lineage’s archive dir that match the provided filetype.

Return type:

list of str or None


Generates the list that’s passed to match_and_check_overlaps. Is its own function to make unit testing easier.

Returns:list of functions
Return type:list

If config.cert_path is defined, try to find an appropriate value for config.certname.


cli_config (configuration.NamespaceConfig) – parsed command line arguments


a lineage name

Return type:


certbot.cert_manager.match_and_check_overlaps(cli_config, acceptable_matches, match_func, rv_func)[source]

Searches through all lineages for a match, and checks for duplicates. If a duplicate is found, an error is raised, as performing operations on lineages that have their properties incorrectly duplicated elsewhere is probably a bad idea.

  • cli_config (configuration.NamespaceConfig) – parsed command line arguments
  • acceptable_matches (list) – a list of functions that specify acceptable matches
  • match_func (function) – specifies what to match
  • rv_func (function) – specifies what to return
certbot.cert_manager.human_readable_cert_info(config, cert, skip_filter_checks=False)[source]

Returns a human readable description of info about a RenewableCert object

certbot.cert_manager._get_certnames(config, verb, allow_multiple=False)[source]

Get certname from flag, interactively, or error out.


Format a results report for a category of single-line renewal outcomes

certbot.cert_manager._report_human_readable(config, parsed_certs)[source]

Format a results report for a parsed cert

certbot.cert_manager._describe_certs(config, parsed_certs, parse_failures)[source]

Print information about the certs we know about

certbot.cert_manager._search_lineages(cli_config, func, initial_rv, *args)[source]

Iterate func over unbroken lineages, allowing custom return conditions.

Allows flexible customization of return values, including multiple return values and complex checks.

  • cli_config (configuration.NamespaceConfig) – parsed command line arguments
  • func (function) – function used while searching over lineages
  • initial_rv – initial return value of the function (any type)

Whatever was specified by func if a match is found.