How to remove unused certificates


creating new certificates for containers works just fine (we use letsencrypt with dnsChallgenge and httpChallenge in parallel). The question is, how does traefik behave when a container get's deleted? Will it try to renew the certificate because it's still insided the .json store? If so, is there a recommended way to permanently remove a certificate?


1 Like

I'm about 80% sure, that it won't renew them if they are not used. Renewal is only triggered by a tls router configuration. So you do not really have to remove them.

Alright then, iff I don't forget I will check back again in 2 months time, when renewal will start :wink:

Certificates will remain in the store forever. They will also be renewed when close to expiring.

The only way to safely remove certificates is to stop Traefik, update acme.json (manually or using jq or whatever, also see linked issue), then restart Traefik.