Hosting Operations
List Certbot Certificates
You need to see Certbot-managed certificates and included domains.
Command
certbot certificatesWhat changed
Nothing changes. The command prints certificate inventory.
Danger
safe
When to use it
Use this before renewing, expanding, or debugging Let's Encrypt certificates.
When not to use it
Do not assume public DNS is correct just because a certificate exists locally.
Undo or recovery
No state is changed.
Expected output
Certificate names, domains, and expiry details.
demo script
Disposable terminal steps
certbot certificatescurl -sI https://example.comdig +short example.com A
simulated output
What it looks like
::fixture-ready::
$ certbot certificates
Certificate Name: example.com
Domains: example.com www.example.com
Expiry Date: 2026-09-23 10:00:00+00:00 (VALID: 90 days)
::exit-code::0
$ curl -sI https://example.com
HTTP/2 200
server: fake-nginx
x-content-type-options: nosniff
::exit-code::0
$ dig +short example.com A
203.0.113.10
::exit-code::0
YouTube Short
List the certs before changing SSL.
Before editing SSL config, check what Certbot already knows about the domain.
LinkedIn hook
The certificate existed. The question was which domains it covered.
Question: Do you check Certbot inventory before changing SSL config?
experiments
A/B tests to run
Metric: linkedin_save_rate
A: List Certbot certificates.
B: The cert existed. Which domains did it cover?