The file that notes/sets the domain to get a cert for is /etc/dehydrated/confconsole.domains.txt. If you just want a cert for a single domain, just ensure that that is the only contents of the file (lines starting with '#' are ignored). E.g. if I wanted to get a cert for my.domain.com, the contents of /etc/dehydrated/confconsole.domains.txt would look like:
# please use this file with confconsole or
# alternatively use dehydrated with it's appropriate
# configuration directly
my.domain.com
Also, make sure that you clear cache and cookies from your browser (or better still - do testing in a private/incognito browser window - and close it once done).
The above should work fine and there should not be any need to "start again". However, if you really want to, don't worry about the file in /usr/local/share/ca-certificates/cert.crt - that isn't used. The files that your server uses should be /etc/ssl/private/cert.key (private key only) & /etc/ssl/private/cert.pem (cert, key and dh params combined into one file). And they are overwritten by a successful run, so you don't need to remove them. To clear all existing Dehydrated (the tool we use to get certs) config, run this command:
find /etc/dehydrated -type f -name "confconsole*" -exec rm {} \;
Then running Confconsole will copy new default config into place. Then configure as desired.
What is in /etc/dehydrated/confconsole.domains.txt?
The file that notes/sets the domain to get a cert for is /etc/dehydrated/confconsole.domains.txt. If you just want a cert for a single domain, just ensure that that is the only contents of the file (lines starting with '#' are ignored). E.g. if I wanted to get a cert for my.domain.com, the contents of /etc/dehydrated/confconsole.domains.txt would look like:
Also, make sure that you clear cache and cookies from your browser (or better still - do testing in a private/incognito browser window - and close it once done).
The above should work fine and there should not be any need to "start again". However, if you really want to, don't worry about the file in /usr/local/share/ca-certificates/cert.crt - that isn't used. The files that your server uses should be /etc/ssl/private/cert.key (private key only) & /etc/ssl/private/cert.pem (cert, key and dh params combined into one file). And they are overwritten by a successful run, so you don't need to remove them. To clear all existing Dehydrated (the tool we use to get certs) config, run this command:
find /etc/dehydrated -type f -name "confconsole*" -exec rm {} \;Then running Confconsole will copy new default config into place. Then configure as desired.
I hope that helps.
The certificates are