Question

How can I uninstall a manually installed Comodo SSL certificate from Ubuntu Nginx App managed by ServerPilot?

I have configured a Droplet with Ubuntu v16.04 running nginx, with ServerPilot managing an App to run a Wordpress Installation.

I recently installed a Comodo SSL certificate manually, but want to remove this as I have setup Cloudflare and want to use that service instead of the manual certificate to manage my SSL for me. They also provide a wildcard SSL which I currently do not have with the manually installed Comodo certificate and I would like to use this feature.

How can I uninstall the Comodo Certificate? There appears to be plenty of ‘How to install certificates’, but very little info on Uninstalling correctly.


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

@DenMurphy

Last I recall, ServerPilot proxies requests to Apache via NGINX, though I’m not 100% sure which of the web servers is actually setup for SSL, or if they both are. They don’t publish that information, so you’d need to check the configuration or reach out to ServerPilot and see if they can provide the steps you need to take to remove it.

Generally speaking, you’d remove the SSL configuration from your server block or VirtualHost and change the listening port from 443 to 80, then restart the web servers for the changes to take.

If they use a standard setup, those files will be in:

/etc/apache2/sites-available

and

/etc/nginx/sites-available

The simplest way forward is to ascertain how you installed the certificate to begin with. Did you follow a tutorial somewhere? Generally following it in reverse is a good start.

In the NginX site config, usually located in /etc/nginx/sites-enabled/<your site>, you generally will see a few lines with the ssl_ prefix, which are the key lines to remove when removing SSL, as well as changing the listening back to port 80.

Please note, however, that if you remove SSL from your local system, you will not have full SSL coverage between your server and CloudFlare, only between CloudFlare and the client visiting the site.

You would be better off, in this case, replacing the certificate with the CloudFlare issued ‘Origin Certificate’ to ensure full SSL coverage - you can see more about this feature here: https://blog.cloudflare.com/cloudflare-ca-encryption-origin/

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel