diff --git a/.travis.yml b/.travis.yml
index b23164a19..1bee350d8 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -30,12 +30,17 @@ matrix:
   include:
     # Main test suite
     - python: "2.7"
-      env: BOULDER_INTEGRATION=v1 INTEGRATION_TEST=all TOXENV=py27_install
+      env: ACME_SERVER=boulder-v1 PYTEST_ADDOPTS=-n4 TOXENV=integration
       sudo: required
       services: docker
       <<: *not-on-master
     - python: "2.7"
-      env: BOULDER_INTEGRATION=v2 INTEGRATION_TEST=all TOXENV=py27_install
+      env: ACME_SERVER=boulder-v2 PYTEST_ADDOPTS=-n4 TOXENV=integration
+      sudo: required
+      services: docker
+      <<: *not-on-master
+    - python: "2.7"
+      env: ACME_SERVER=pebble PYTEST_ADDOPTS=-n4 TOXENV=integration
       sudo: required
       services: docker
       <<: *not-on-master
@@ -220,9 +225,7 @@ addons:
     - openssl
 
 install: "$(command -v pip || command -v pip3) install codecov tox"
-script:
-    - tox
-    - '[ -z "${BOULDER_INTEGRATION+x}" ] || (tests/boulder-fetch.sh && tests/tox-boulder-integration.sh)'
+script: tox
 
 after_success: '[ "$TOXENV" == "py27-cover" ] && codecov -F linux'
 
diff --git a/certbot-apache/certbot_apache/tests/apache-conf-files/pebble-fetch-start.sh b/certbot-apache/certbot_apache/tests/apache-conf-files/pebble-fetch-start.sh
new file mode 100755
index 000000000..52a7d8c98
--- /dev/null
+++ b/certbot-apache/certbot_apache/tests/apache-conf-files/pebble-fetch-start.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+# Download and run Pebble instance for integration testing
+set -xe
+
+export GOPATH=${GOPATH:-$HOME/gopath}
+PEBBLEPATH=${PEBBLEPATH:-$GOPATH/pebble}
+if [[ ! -d ${PEBBLEPATH} ]]; then
+  git clone --depth=1 https://github.com/letsencrypt/pebble ${PEBBLEPATH}
+fi
+
+cd ${PEBBLEPATH}
+
+docker-compose up -d
+
+set +x  # reduce verbosity while waiting for pebble
+for n in `seq 1 150` ; do
+  if curl -k https://localhost:14000/dir 2>/dev/null; then
+    break
+  else
+    sleep 1
+  fi
+done
+
+if ! curl -k https://localhost:14000/dir 2>/dev/null; then
+  echo "timed out waiting for pebble to start"
+  exit 1
+fi
+
+# Setup the DNS resolution used by pebble instance to docker host
+curl -X POST -d '{"ip":"10.30.50.1"}' http://localhost:8055/set-default-ipv4
diff --git a/certbot-ci/setup.py b/certbot-ci/setup.py
index 852d2481c..9bbd18022 100644
--- a/certbot-ci/setup.py
+++ b/certbot-ci/setup.py
@@ -11,7 +11,6 @@ install_requires = [
     'pyopenssl',
     'pytest',
     'pytest-cov',
-    'pytest-rerunfailures==4.2',
     'pytest-sugar',
     'pytest-xdist',
     'pyyaml',
diff --git a/certbot-nginx/tests/boulder-integration.conf.sh b/certbot-nginx/tests/boulder-integration.conf.sh
deleted file mode 100755
index 35cedf5ed..000000000
--- a/certbot-nginx/tests/boulder-integration.conf.sh
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/usr/bin/env bash
-# Based on
-# https://www.exratione.com/2014/03/running-nginx-as-a-non-root-user/
-# https://github.com/exratione/non-root-nginx/blob/9a77f62e5d5cb9c9026fd62eece76b9514011019/nginx.conf
-
-# USAGE: ./boulder-integration.conf.sh /path/to/root cert.key cert.pem >> nginx.conf
-
-ROOT=$1
-CERT_KEY_PATH=$2
-CERT_PATH=$3
-
-cat <<EOF
-# This error log will be written regardless of server scope error_log
-# definitions, so we have to set this here in the main scope.
-#
-# Even doing this, Nginx will still try to create the default error file, and
-# log a non-fatal error when it fails. After that things will work, however.
-error_log $ROOT/error.log;
-
-# The pidfile will be written to /var/run unless this is set.
-pid $ROOT/nginx.pid;
-
-worker_processes 1;
-
-events {
-  worker_connections 1024;
-}
-
-http {
-  # Set an array of temp, cache and log file options that will otherwise default to
-  # restricted locations accessible only to root.
-  client_body_temp_path $ROOT/client_body;
-  fastcgi_temp_path $ROOT/fastcgi_temp;
-  proxy_temp_path $ROOT/proxy_temp;
-  #scgi_temp_path $ROOT/scgi_temp;
-  #uwsgi_temp_path $ROOT/uwsgi_temp;
-  access_log $ROOT/error.log;
-
-  # This should be turned off in a Virtualbox VM, as it can cause some
-  # interesting issues with data corruption in delivered files.
-  sendfile off;
-
-  tcp_nopush on;
-  tcp_nodelay on;
-  keepalive_timeout 65;
-  types_hash_max_size 2048;
-
-  #include /etc/nginx/mime.types;
-  index index.html index.htm index.php;
-
-  log_format   main '\$remote_addr - \$remote_user [\$time_local] \$status '
-    '"\$request" \$body_bytes_sent "\$http_referer" '
-    '"\$http_user_agent" "\$http_x_forwarded_for"';
-
-  default_type application/octet-stream;
-
-  server {
-    # IPv4.
-    listen 5002 $default_server;
-    # IPv6.
-    listen [::]:5002 $default_server;
-    server_name nginx.wtf nginx2.wtf;
-
-    root $ROOT/webroot;
-
-    location / {
-      # First attempt to serve request as file, then as directory, then fall
-      # back to index.html.
-      try_files \$uri \$uri/ /index.html;
-    }
-  }
-
-  server {
-    listen 5002;
-    listen [::]:5002;
-    server_name nginx3.wtf;
-
-    root $ROOT/webroot;
-
-    location /.well-known/ {
-      return 404;
-    }
-
-    return 301 https://\$host\$request_uri;
-  }
-
-  server {
-    listen 8082;
-    listen [::]:8082;
-    server_name nginx4.wtf nginx5.wtf;
-  }
-
-  server {
-    listen 5002;
-    listen [::]:5002;
-    listen 5001 ssl;
-    listen [::]:5001 ssl;
-    if (\$scheme != "https") {
-      return 301 https://\$host\$request_uri;
-    }
-    server_name nginx6.wtf nginx7.wtf;
-
-    ssl_certificate ${CERT_PATH};
-    ssl_certificate_key ${CERT_KEY_PATH};
-  }
-}
-EOF
diff --git a/certbot-nginx/tests/boulder-integration.sh b/certbot-nginx/tests/boulder-integration.sh
deleted file mode 100755
index fbb34a273..000000000
--- a/certbot-nginx/tests/boulder-integration.sh
+++ /dev/null
@@ -1,71 +0,0 @@
-#!/bin/bash -xe
-# prerequisite: apt-get install --no-install-recommends nginx-light openssl
-
-. ./tests/integration/_common.sh
-
-export PATH="/usr/sbin:$PATH"  # /usr/sbin/nginx
-nginx_root="$root/nginx"
-mkdir $nginx_root
-
-# Generate self-signed certificate for Nginx
-openssl req -new -newkey rsa:2048 -days 1 -nodes -x509 \
-    -keyout $nginx_root/cert.key -out $nginx_root/cert.pem -subj "/CN=nginx.wtf"
-
-reload_nginx () {
-    original=$(./certbot-nginx/tests/boulder-integration.conf.sh $nginx_root $nginx_root/cert.key $nginx_root/cert.pem)
-    nginx_conf="$nginx_root/nginx.conf"
-    echo "$original" > $nginx_conf
-
-    killall nginx || true
-    nginx -c $nginx_root/nginx.conf
-}
-
-certbot_test_nginx () {
-    certbot_test \
-        --authenticator nginx \
-        --installer nginx \
-        --nginx-server-root $nginx_root \
-        "$@"
-}
-
-test_deployment_and_rollback() {
-    # Arguments: certname
-    echo | openssl s_client -connect localhost:5001 \
-        | openssl x509 -out $root/nginx.pem
-    diff -q $root/nginx.pem "$root/conf/live/$1/cert.pem"
-
-    certbot_test_nginx rollback --checkpoints 9001
-    diff -q <(echo "$original") $nginx_conf
-}
-
-export default_server="default_server"
-nginx -v
-reload_nginx
-certbot_test_nginx --domains nginx.wtf run
-test_deployment_and_rollback nginx.wtf
-certbot_test_nginx --domains nginx2.wtf --preferred-challenges http
-test_deployment_and_rollback nginx2.wtf
-# Overlapping location block and server-block-level return 301
-certbot_test_nginx --domains nginx3.wtf --preferred-challenges http
-test_deployment_and_rollback nginx3.wtf
-# No matching server block; default_server exists
-certbot_test_nginx --domains nginx4.wtf --preferred-challenges http
-test_deployment_and_rollback nginx4.wtf
-# No matching server block; default_server does not exist
-export default_server=""
-reload_nginx
-if nginx -c $nginx_root/nginx.conf -T 2>/dev/null | grep "default_server"; then
-    echo "Failed to remove default_server"
-    exit 1
-fi
-certbot_test_nginx --domains nginx5.wtf --preferred-challenges http
-test_deployment_and_rollback nginx5.wtf
-# Mutiple domains, mix of matching and not
-certbot_test_nginx --domains nginx6.wtf,nginx7.wtf --preferred-challenges http
-test_deployment_and_rollback nginx6.wtf
-
-# note: not reached if anything above fails, hence "killall" at the
-# top
-nginx -c $nginx_root/nginx.conf -s stop
-
-coverage report --fail-under 72 --include 'certbot-nginx/*' --show-missing
diff --git a/docs/contributing.rst b/docs/contributing.rst
index 582f14599..5fcf0f02b 100644
--- a/docs/contributing.rst
+++ b/docs/contributing.rst
@@ -116,36 +116,24 @@ of output can make it hard to find specific failures when they happen.
 
 .. _integration:
 
-Integration testing with the Boulder CA
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Integration testing with the Pebble CA
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 Generally it is sufficient to open a pull request and let Github and Travis run
-integration tests for you, however, if you want to run them locally you need
-Docker and docker-compose installed and working. Fetch and start Boulder, Let's
-Encrypt's ACME CA software, by using:
+integration tests for you. However, you may want to run them locally before submitting
+your pull request. You need Docker and docker-compose installed and working.
+
+The tox environment `integration` will setup Pebble, the LetsEncrypt ACME CA server
+for integration testing, then launch the Certbot integration tests.
+
+With a user allowed to access your local Docker daemon, run:
 
 .. code-block:: shell
 
-  ./tests/boulder-fetch.sh
+  tox -e integration
 
-If you have problems with Docker, you may want to try `removing all containers and
-volumes`_ and making sure you have at least 1GB of memory.
-
-Set up a certbot_test alias that enables easily running against the local
-Boulder:
-
-.. code-block:: shell
-
-   export SERVER=http://localhost:4000/directory
-   source tests/integration/_common.sh
-
-Run the integration tests using:
-
-.. code-block:: shell
-
-  ./tests/boulder-integration.sh
-
-.. _removing all containers and volumes: https://www.digitalocean.com/community/tutorials/how-to-remove-docker-images-containers-and-volumes
+Tests will be run using pytest. An test report and a code coverage report will be
+displayed at the end of the integration tests execution.
 
 Code components and layout
 ==========================
diff --git a/tests/boulder-fetch.sh b/tests/boulder-fetch.sh
deleted file mode 100755
index f34deb74e..000000000
--- a/tests/boulder-fetch.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-# Download and run Boulder instance for integration testing
-set -xe
-
-# Clone Boulder into a GOPATH-style directory structure even if Go isn't
-# installed, because Boulder's docker-compose.yml file wll look for it there.
-export GOPATH=${GOPATH:-$HOME/gopath}
-BOULDERPATH=${BOULDERPATH:-$GOPATH/src/github.com/letsencrypt/boulder}
-if [ ! -d ${BOULDERPATH} ]; then
-  git clone --depth=1 https://github.com/letsencrypt/boulder ${BOULDERPATH}
-fi
-
-cd ${BOULDERPATH}
-
-docker-compose up -d boulder
-
-set +x  # reduce verbosity while waiting for boulder
-for n in `seq 1 150` ; do
-  if curl http://localhost:4000/directory 2>/dev/null; then
-    break
-  else
-    sleep 1
-  fi
-done
-
-if ! curl http://localhost:4000/directory 2>/dev/null; then
-  echo "timed out waiting for boulder to start"
-  exit 1
-fi
-
-# Setup the DNS resolution used by boulder instance to docker host
-curl -X POST -d '{"ip":"10.77.77.1"}' http://localhost:8055/set-default-ipv4
diff --git a/tests/boulder-integration.sh b/tests/boulder-integration.sh
deleted file mode 100755
index 3e16fcbbc..000000000
--- a/tests/boulder-integration.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/bash
-
-set -e
-
-if [ "$INTEGRATION_TEST" = "certbot" ]; then
-    tests/certbot-boulder-integration.sh
-elif [ "$INTEGRATION_TEST" = "nginx" ]; then
-    certbot-nginx/tests/boulder-integration.sh
-else
-   tests/certbot-boulder-integration.sh
-    # Most CI systems set this variable to true.
-    # If the tests are running as part of CI, Nginx should be available.
-    if ${CI:-false} || type nginx; then
-        certbot-nginx/tests/boulder-integration.sh
-    fi
-fi
diff --git a/tests/certbot-boulder-integration.sh b/tests/certbot-boulder-integration.sh
deleted file mode 100755
index 853712e57..000000000
--- a/tests/certbot-boulder-integration.sh
+++ /dev/null
@@ -1,584 +0,0 @@
-#!/bin/bash
-# Simple integration test. Make sure to activate virtualenv beforehand
-# (source venv/bin/activate) and that you are running Boulder test
-# instance (see ./boulder-fetch.sh).
-#
-# Environment variables:
-#   SERVER: Passed as "certbot --server" argument.
-#
-# Note: this script is called by Boulder integration test suite!
-
-set -eux
-
-# Check that python executable is available in the PATH. Fail immediatly if not.
-command -v python > /dev/null || (echo "Error, python executable is not in the PATH" && exit 1)
-
-. ./tests/integration/_common.sh
-export PATH="$PATH:/usr/sbin"  # /usr/sbin/nginx
-CURRENT_DIR="$(pwd)"
-
-cleanup_and_exit() {
-    EXIT_STATUS=$?
-    cd $CURRENT_DIR
-    if SERVER_STILL_RUNNING=`ps -p $python_server_pid -o pid=`
-    then
-        echo Kill server subprocess, left running by abnormal exit
-        kill $SERVER_STILL_RUNNING
-    fi
-    if [ -f "$HOOK_DIRS_TEST" ]; then
-        rm -f "$HOOK_DIRS_TEST"
-    fi
-    exit $EXIT_STATUS
-}
-
-trap cleanup_and_exit EXIT
-
-export HOOK_DIRS_TEST="$(mktemp)"
-renewal_hooks_root="$config_dir/renewal-hooks"
-renewal_hooks_dirs=$(echo "$renewal_hooks_root/"{pre,deploy,post})
-renewal_dir_pre_hook="$(echo $renewal_hooks_dirs | cut -f 1 -d " ")/hook.sh"
-renewal_dir_deploy_hook="$(echo $renewal_hooks_dirs | cut -f 2 -d " ")/hook.sh"
-renewal_dir_post_hook="$(echo $renewal_hooks_dirs | cut -f 3 -d " ")/hook.sh"
-
-# Creates hooks in Certbot's renewal hook directory that write to a file
-CreateDirHooks() {
-    for hook_dir in $renewal_hooks_dirs; do
-        mkdir -p $hook_dir
-        hook_path="$hook_dir/hook.sh"
-        cat << EOF > "$hook_path"
-#!/bin/bash -xe
-if [ "\$0" = "$renewal_dir_deploy_hook" ]; then
-    if [ -z "\$RENEWED_DOMAINS" -o -z "\$RENEWED_LINEAGE" ]; then
-        echo "Environment variables not properly set!" >&2
-        exit 1
-    fi
-fi
-echo \$(basename \$(dirname "\$0")) >> "\$HOOK_DIRS_TEST"
-EOF
-        chmod +x "$hook_path"
-    done
-}
-
-# Asserts that the hooks created by CreateDirHooks have been run once and
-# resets the file.
-#
-# Arguments:
-#     The number of times the deploy hook should have been run. (It should run
-#     once for each certificate that was issued in that run of Certbot.)
-CheckDirHooks() {
-    expected="pre\n"
-    for ((i=0; i<$1; i++)); do
-        expected=$expected"deploy\n"
-    done
-    expected=$expected"post"
-
-    if ! diff "$HOOK_DIRS_TEST" <(echo -e "$expected"); then
-        echo "Unexpected directory hook output!" >&2
-        echo "Expected:" >&2
-        echo -e "$expected" >&2
-        echo "Got:" >&2
-        cat "$HOOK_DIRS_TEST" >&2
-        exit 1
-    fi
-
-    rm -f "$HOOK_DIRS_TEST"
-    export HOOK_DIRS_TEST="$(mktemp)"
-}
-
-common_no_force_renew() {
-    certbot_test_no_force_renew \
-        --authenticator standalone \
-        --installer null \
-        "$@"
-}
-
-common() {
-    common_no_force_renew \
-        --renew-by-default \
-        "$@"
-}
-
-export HOOK_TEST="/tmp/hook$$"
-CheckHooks() {
-    if [ $(head -n1 "$HOOK_TEST") = "wtf.pre" ]; then
-        expected="wtf.pre\ndeploy\n"
-        if [ $(sed '3q;d' "$HOOK_TEST") = "deploy" ]; then
-            expected=$expected"deploy\nwtf2.pre\n"
-        else
-            expected=$expected"wtf2.pre\ndeploy\n"
-        fi
-        expected=$expected"deploy\ndeploy\nwtf.post\nwtf2.post"
-    else
-        expected="wtf2.pre\ndeploy\n"
-        if [ $(sed '3q;d' "$HOOK_TEST") = "deploy" ]; then
-            expected=$expected"deploy\nwtf.pre\n"
-        else
-            expected=$expected"wtf.pre\ndeploy\n"
-        fi
-        expected=$expected"deploy\ndeploy\nwtf2.post\nwtf.post"
-    fi
-
-    if ! cmp --quiet <(echo -e "$expected") "$HOOK_TEST" ; then
-        echo Hooks did not run as expected\; got >&2
-        cat "$HOOK_TEST" >&2
-        echo -e "Expected\n$expected" >&2
-        rm "$HOOK_TEST"
-        exit 1
-    fi
-    rm "$HOOK_TEST"
-}
-
-# Checks if deploy is in the hook output and deletes the file
-DeployInHookOutput() {
-    CONTENTS=$(cat "$HOOK_TEST")
-    rm "$HOOK_TEST"
-    grep deploy <(echo "$CONTENTS")
-}
-
-# Asserts that there is a saved renew_hook for a lineage.
-#
-# Arguments:
-#     Name of lineage to check
-CheckSavedRenewHook() {
-    if ! grep renew_hook "$config_dir/renewal/$1.conf"; then
-        echo "Hook wasn't saved as renew_hook" >&2
-        exit 1
-    fi
-}
-
-# Asserts the deploy hook was properly run and saved and deletes the hook file
-#
-# Arguments:
-#   Lineage name of the issued cert
-CheckDeployHook() {
-    if ! DeployInHookOutput; then
-        echo "The deploy hook wasn't run" >&2
-        exit 1
-    fi
-    CheckSavedRenewHook $1
-}
-
-# Asserts the renew hook wasn't run but was saved and deletes the hook file
-#
-# Arguments:
-#   Lineage name of the issued cert
-# Asserts the deploy hook wasn't run and deletes the hook file
-CheckRenewHook() {
-    if DeployInHookOutput; then
-        echo "The renew hook was incorrectly run" >&2
-        exit 1
-    fi
-    CheckSavedRenewHook $1
-}
-
-# Return success only if input contains exactly $1 lines of text, of
-# which $2 different values occur in the first field.
-TotalAndDistinctLines() {
-    total=$1
-    distinct=$2
-    awk '{a[$1] = 1}; END {n = 0; for (i in a) { n++ }; exit(NR !='$total' || n !='$distinct')}'
-}
-
-# Cleanup coverage data
-coverage erase
-
-# test for regressions of #4719
-get_num_tmp_files() {
-    ls -1 /tmp | wc -l
-}
-num_tmp_files=$(get_num_tmp_files)
-common --csr / > /dev/null && echo expected error && exit 1 || true
-common --help > /dev/null
-common --help all > /dev/null
-common --version > /dev/null
-if [ $(get_num_tmp_files) -ne $num_tmp_files ]; then
-    echo "New files or directories created in /tmp!"
-    exit 1
-fi
-CreateDirHooks
-
-common register
-for dir in $renewal_hooks_dirs; do
-    if [ ! -d "$dir" ]; then
-        echo "Hook directory not created by Certbot!" >&2
-        exit 1
-    fi
-done
-
-common unregister
-
-common register --email ex1@domain.org,ex2@domain.org
-
-# TODO: When `certbot register --update-registration` is fully deprecated, delete the two following deprecated uses
-
-common register --update-registration --email ex1@domain.org
-
-common register --update-registration --email ex1@domain.org,ex2@domain.org
-
-common update_account --email example@domain.org
-
-common update_account --email ex1@domain.org,ex2@domain.org
-
-common plugins --init --prepare | grep webroot
-
-# We start a server listening on the port for the
-# unrequested challenge to prevent regressions in #3601.
-python ./tests/run_http_server.py $https_port &
-python_server_pid=$!
-certname="le1.wtf"
-common --domains le1.wtf --preferred-challenges http-01 auth \
-       --cert-name $certname \
-       --pre-hook 'echo wtf.pre >> "$HOOK_TEST"' \
-       --post-hook 'echo wtf.post >> "$HOOK_TEST"'\
-       --deploy-hook 'echo deploy >> "$HOOK_TEST"'
-CheckDeployHook $certname
-
-# Previous test used to be a tls-sni-01 challenge that is not supported anymore.
-# Now it is a http-01 challenge and this makes it a duplicate of the following test.
-# But removing it would break many tests here, as they are strongly coupled.
-# See https://github.com/certbot/certbot/pull/6852
-certname="le2.wtf"
-common --domains le2.wtf --preferred-challenges http-01 run \
-       --cert-name $certname \
-       --pre-hook 'echo wtf.pre >> "$HOOK_TEST"' \
-       --post-hook 'echo wtf.post >> "$HOOK_TEST"'\
-       --deploy-hook 'echo deploy >> "$HOOK_TEST"'
-kill $python_server_pid
-CheckDeployHook $certname
-
-certname="le.wtf"
-common certonly -a manual -d le.wtf --rsa-key-size 4096 --cert-name $certname \
-    --manual-auth-hook ./tests/manual-http-auth.sh \
-    --manual-cleanup-hook ./tests/manual-http-cleanup.sh \
-    --pre-hook 'echo wtf2.pre >> "$HOOK_TEST"' \
-    --post-hook 'echo wtf2.post >> "$HOOK_TEST"' \
-    --renew-hook 'echo deploy >> "$HOOK_TEST"'
-CheckRenewHook $certname
-
-certname="dns.le.wtf"
-common -a manual -d dns.le.wtf --preferred-challenges dns run \
-    --cert-name $certname \
-    --manual-auth-hook ./tests/manual-dns-auth.sh \
-    --manual-cleanup-hook ./tests/manual-dns-cleanup.sh \
-    --pre-hook 'echo wtf2.pre >> "$HOOK_TEST"' \
-    --post-hook 'echo wtf2.post >> "$HOOK_TEST"' \
-    --renew-hook 'echo deploy >> "$HOOK_TEST"'
-CheckRenewHook $certname
-
-common certonly --cert-name newname -d newname.le.wtf
-
-export CSR_PATH="${root}/csr.der" KEY_PATH="${root}/key.pem" \
-       OPENSSL_CNF=examples/openssl.cnf
-./examples/generate-csr.sh le3.wtf
-common auth --csr "$CSR_PATH" \
-       --cert-path "${root}/csr/cert.pem" \
-       --chain-path "${root}/csr/chain.pem"
-openssl x509 -in "${root}/csr/cert.pem" -text
-openssl x509 -in "${root}/csr/chain.pem" -text
-
-common --domains le3.wtf install \
-       --cert-path "${root}/csr/cert.pem" \
-       --key-path "${root}/key.pem"
-
-CheckCertCount() {
-    CERTCOUNT=`ls "${root}/conf/archive/$1/cert"* | wc -l`
-    if [ "$CERTCOUNT" -ne "$2" ] ; then
-        echo Wrong cert count, not "$2" `ls "${root}/conf/archive/$1/"*`
-        exit 1
-    fi
-}
-
-CheckPermissions() {
-# Args: <filepath_1> <filepath_2> <mask>
-# Checks mode of two files match under <mask>
-    masked_mode() { echo $((0`stat -c %a $1` & 0$2)); }
-    if [ `masked_mode $1 $3` -ne `masked_mode $2 $3` ] ; then
-        echo "With $3 mask, expected mode `masked_mode $1 $3`, got `masked_mode $2 $3` on file $2"
-        exit 1
-    fi
-}
-
-CheckGID() {
-# Args: <filepath_1> <filepath_2>
-# Checks group owner of two files match
-    group_owner() { echo `stat -c %G $1`; }
-    if [ `group_owner $1` != `group_owner $2` ] ; then
-        echo "Expected group owner `group_owner $1`, got `group_owner $2` on file $2"
-        exit 1
-    fi
-}
-
-CheckOthersPermission() {
-# Args: <filepath_1> <expected mode>
-# Tests file's other/world permission against expected mode
-    other_permission=$((0`stat -c %a $1` & 07))
-    if [ $other_permission -ne $2 ] ; then
-        echo "Expected file $1 to have others mode $2, got $other_permission instead"
-        exit 1
-    fi
-}
-
-CheckCertCount "le.wtf" 1
-
-# This won't renew (because it's not time yet)
-common_no_force_renew renew
-CheckCertCount "le.wtf" 1
-if [ -s "$HOOK_DIRS_TEST" ]; then
-    echo "Directory hooks were executed for non-renewal!" >&2;
-    exit 1
-fi
-
-rm -rf "$renewal_hooks_root"
-# renew using HTTP manual auth hooks
-common renew --cert-name le.wtf --authenticator manual
-CheckCertCount "le.wtf" 2
-
-CheckOthersPermission "${root}/conf/archive/le.wtf/privkey1.pem" 0
-CheckOthersPermission "${root}/conf/archive/le.wtf/privkey2.pem" 0
-CheckPermissions "${root}/conf/archive/le.wtf/privkey1.pem" "${root}/conf/archive/le.wtf/privkey2.pem" 074
-CheckGID "${root}/conf/archive/le.wtf/privkey1.pem" "${root}/conf/archive/le.wtf/privkey2.pem"
-chmod 0444 "${root}/conf/archive/le.wtf/privkey2.pem"
-
-# test renewal with no executables in hook directories
-for hook_dir in $renewal_hooks_dirs; do
-    touch "$hook_dir/file"
-    mkdir "$hook_dir/dir"
-done
-# renew using DNS manual auth hooks
-common renew --cert-name dns.le.wtf --authenticator manual
-CheckCertCount "dns.le.wtf" 2
-
-# test with disabled directory hooks
-rm -rf "$renewal_hooks_root"
-CreateDirHooks
-# This will renew because the expiry is less than 10 years from now
-sed -i "4arenew_before_expiry = 4 years" "$root/conf/renewal/le.wtf.conf"
-common_no_force_renew renew --rsa-key-size 2048 --no-directory-hooks
-CheckCertCount "le.wtf" 3
-CheckGID "${root}/conf/archive/le.wtf/privkey2.pem" "${root}/conf/archive/le.wtf/privkey3.pem"
-CheckPermissions "${root}/conf/archive/le.wtf/privkey2.pem" "${root}/conf/archive/le.wtf/privkey3.pem" 074
-CheckOthersPermission "${root}/conf/archive/le.wtf/privkey3.pem" 04
-
-if [ -s "$HOOK_DIRS_TEST" ]; then
-    echo "Directory hooks were executed with --no-directory-hooks!" >&2
-    exit 1
-fi
-
-# The 4096 bit setting should persist to the first renewal, but be overridden in the second
-
-size1=`wc -c ${root}/conf/archive/le.wtf/privkey1.pem | cut -d" " -f1`
-size2=`wc -c ${root}/conf/archive/le.wtf/privkey2.pem | cut -d" " -f1`
-size3=`wc -c ${root}/conf/archive/le.wtf/privkey3.pem | cut -d" " -f1`
-# 4096 bit PEM keys are about ~3270 bytes, 2048 ones are about 1700 bytes
-if [ "$size1" -lt 3000 ] || [ "$size2" -lt 3000 ] || [ "$size3" -gt 1800 ] ; then
-    echo key sizes violate assumptions:
-    ls -l "${root}/conf/archive/le.wtf/privkey"*
-    exit 1
-fi
-
-# --renew-by-default is used, so renewal should occur
-[ -f "$HOOK_TEST" ] && rm -f "$HOOK_TEST"
-common renew
-CheckCertCount "le.wtf" 4
-CheckHooks
-CheckDirHooks 5
-
-# test with overlapping directory hooks on the command line
-common renew --cert-name le2.wtf \
-    --pre-hook "$renewal_dir_pre_hook" \
-    --deploy-hook "$renewal_dir_deploy_hook" \
-    --post-hook "$renewal_dir_post_hook"
-CheckDirHooks 1
-
-# test with overlapping directory hooks in the renewal conf files
-common renew --cert-name le2.wtf
-CheckDirHooks 1
-
-# manual-dns-auth.sh will skip completing the challenge for domains that begin
-# with fail.
-common -a manual -d dns1.le.wtf,fail.dns1.le.wtf \
-    --allow-subset-of-names \
-    --preferred-challenges dns \
-    --manual-auth-hook ./tests/manual-dns-auth.sh \
-    --manual-cleanup-hook ./tests/manual-dns-cleanup.sh
-
-if common certificates | grep "fail\.dns1\.le\.wtf"; then
-    echo "certificate should not have been issued for domain!" >&2
-    exit 1
-fi
-
-# reuse-key
-common --domains reusekey.le.wtf --reuse-key
-common renew --cert-name reusekey.le.wtf
-CheckCertCount "reusekey.le.wtf" 2
-ls -l "${root}/conf/archive/reusekey.le.wtf/privkey"*
-# The final awk command here exits successfully if its input consists of
-# exactly two lines with identical first fields, and unsuccessfully otherwise.
-sha256sum "${root}/conf/archive/reusekey.le.wtf/privkey"* | TotalAndDistinctLines 2 1
-
-# don't reuse key (just by forcing reissuance without --reuse-key)
-common --cert-name reusekey.le.wtf --domains reusekey.le.wtf --force-renewal
-CheckCertCount "reusekey.le.wtf" 3
-ls -l "${root}/conf/archive/reusekey.le.wtf/privkey"*
-# Exactly three lines, of which exactly two identical first fields.
-sha256sum "${root}/conf/archive/reusekey.le.wtf/privkey"* | TotalAndDistinctLines 3 2
-
-# Nonetheless, all three certificates are different even though two of them
-# share the same subject key.
-sha256sum "${root}/conf/archive/reusekey.le.wtf/cert"* | TotalAndDistinctLines 3 3
-
-# ECDSA
-openssl ecparam -genkey -name secp384r1 -out "${root}/privkey-p384.pem"
-SAN="DNS:ecdsa.le.wtf" openssl req -new -sha256 \
-    -config "${OPENSSL_CNF:-openssl.cnf}" \
-    -key "${root}/privkey-p384.pem" \
-    -subj "/" \
-    -reqexts san \
-    -outform der \
-    -out "${root}/csr-p384.der"
-common auth --csr "${root}/csr-p384.der" \
-    --cert-path "${root}/csr/cert-p384.pem" \
-    --chain-path "${root}/csr/chain-p384.pem"
-openssl x509 -in "${root}/csr/cert-p384.pem" -text | grep 'ASN1 OID: secp384r1'
-
-# OCSP Must Staple
-common auth --must-staple --domains "must-staple.le.wtf"
-openssl x509 -in "${root}/conf/live/must-staple.le.wtf/cert.pem" -text | grep -E 'status_request|1\.3\.6\.1\.5\.5\.7\.1\.24'
-
-# revoke by account key
-common revoke --cert-path "$root/conf/live/le.wtf/cert.pem" --delete-after-revoke
-# revoke renewed
-common revoke --cert-path "$root/conf/live/le1.wtf/cert.pem" --no-delete-after-revoke
-if [ ! -d "$root/conf/live/le1.wtf" ]; then
-    echo "cert deleted when --no-delete-after-revoke was used!"
-    exit 1
-fi
-common delete --cert-name le1.wtf
-# revoke by cert key
-common revoke --cert-path "$root/conf/live/le2.wtf/cert.pem" \
-    --key-path "$root/conf/live/le2.wtf/privkey.pem"
-
-# Get new certs to test revoke with a reason, by account and by cert key
-common --domains le1.wtf
-common revoke --cert-path "$root/conf/live/le1.wtf/cert.pem" \
-    --reason cessationOfOperation
-common --domains le2.wtf
-common revoke --cert-path "$root/conf/live/le2.wtf/cert.pem" \
-    --key-path "$root/conf/live/le2.wtf/privkey.pem" \
-    --reason keyCompromise
-
-common unregister
-
-out=$(common certificates)
-subdomains="le dns.le newname.le must-staple.le"
-for subdomain in $subdomains; do
-    domain="$subdomain.wtf"
-    if ! echo $out | grep "$domain"; then
-        echo "$domain not in certificates output!"
-        exit 1;
-    fi
-done
-
-# Testing that revocation also deletes by default
-subdomains="le1 le2"
-for subdomain in $subdomains; do
-    domain="$subdomain.wtf"
-    if echo $out | grep "$domain"; then
-        echo "Revoked $domain in certificates output! Should not be!"
-        exit 1;
-    fi
-done
-
-# Test that revocation raises correct error when both --cert-name and --cert-path specified
-common --domains le1.wtf
-out=$(common revoke --cert-path "$root/conf/live/le1.wtf/fullchain.pem" --cert-name "le1.wtf" 2>&1) || true
-if ! echo $out | grep "Exactly one of --cert-path or --cert-name must be specified"; then
-    echo "Non-interactive revoking with both --cert-name and --cert-path "
-    echo "did not raise the correct error!"
-    exit 1
-fi
-
-# Test that revocation doesn't delete if multiple lineages share an archive dir
-common --domains le1.wtf
-common --domains le2.wtf
-sed -i "s|^archive_dir = .*$|archive_dir = $root/conf/archive/le1.wtf|" "$root/conf/renewal/le2.wtf.conf"
-#common update_symlinks # not needed, but a bit more context for what this test is about
-out=$(common revoke --cert-path "$root/conf/live/le1.wtf/cert.pem")
-if ! echo $out | grep "Not deleting revoked certs due to overlapping archive dirs"; then
-    echo "Deleted a cert that had an overlapping archive dir with another lineage!"
-    exit 1
-fi
-
-cert_name="must-staple.le.wtf"
-common delete --cert-name $cert_name
-archive="$root/conf/archive/$cert_name"
-conf="$root/conf/renewal/$cert_name.conf"
-live="$root/conf/live/$cert_name"
-for path in $archive $conf $live; do
-    if [ -e $path ]; then
-        echo "Lineage not properly deleted!"
-        exit 1
-    fi
-done
-
-# Test ACMEv2-only features
-if [ "${BOULDER_INTEGRATION:-v1}" = "v2" ]; then
-    common -a manual -d '*.le4.wtf,le4.wtf' --preferred-challenges dns \
-        --manual-auth-hook ./tests/manual-dns-auth.sh \
-        --manual-cleanup-hook ./tests/manual-dns-cleanup.sh
-fi
-
-# Test OCSP status
-
-## OCSP 1: Check stale OCSP status
-pushd ./tests/integration
-
-OUT=`common certificates --config-dir sample-config`
-TEST_CERTS=`echo "$OUT" | grep TEST_CERT | wc -l`
-EXPIRED=`echo "$OUT" | grep EXPIRED | wc -l`
-
-if [ "$TEST_CERTS" != 2 ] ; then
-    echo "Did not find two test certs as expected ($TEST_CERTS)"
-    exit 1
-fi
-
-if [ "$EXPIRED" != 2 ] ; then
-    echo "Did not find two test certs as expected ($EXPIRED)"
-    exit 1
-fi
-
-popd
-
-## OSCP 2: Check live certificate OCSP status (VALID)
-common --domains le-ocsp-check.wtf
-OUT=`common certificates`
-VALID=`echo $OUT | grep 'Domains: le-ocsp-check.wtf' -A 1 | grep VALID | wc -l`
-EXPIRED=`echo $OUT | grep 'Domains: le-ocsp-check.wtf' -A 1 | grep EXPIRED | wc -l`
-
-if [ "$VALID" != 1 ] ; then
-    echo "Expected le-ocsp-check.wtf to be VALID"
-    exit 1
-fi
-
-if [ "$EXPIRED" != 0 ] ; then
-    echo "Did not expect le-ocsp-check.wtf to be EXPIRED"
-    exit 1
-fi
-
-## OSCP 3: Check live certificate OCSP status (REVOKED)
-common revoke --cert-name le-ocsp-check.wtf --no-delete-after-revoke
-OUT=`common certificates`
-INVALID=`echo $OUT | grep 'Domains: le-ocsp-check.wtf' -A 1 | grep INVALID | wc -l`
-REVOKED=`echo $OUT | grep 'Domains: le-ocsp-check.wtf' -A 1 | grep REVOKED | wc -l`
-
-if [ "$INVALID" != 1 ] ; then
-    echo "Expected le-ocsp-check.wtf to be INVALID"
-    exit 1
-fi
-
-if [ "$REVOKED" != 1 ] ; then
-    echo "Expected le-ocsp-check.wtf to be REVOKED"
-    exit 1
-fi
-
-coverage report --fail-under 64 --include 'certbot/*' --show-missing
diff --git a/tests/certbot-pebble-integration.sh b/tests/certbot-pebble-integration.sh
deleted file mode 100755
index 8711f72c1..000000000
--- a/tests/certbot-pebble-integration.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/bash
-# Simple integration test. Make sure to activate virtualenv beforehand
-# (source venv/bin/activate) and that you are running Pebble test
-# instance (see ./pebble-fetch.sh).
-
-cleanup_and_exit() {
-    EXIT_STATUS=$?
-    unset SERVER
-    exit $EXIT_STATUS
-}
-
-trap cleanup_and_exit EXIT
-
-export SERVER=https://localhost:14000/dir
-
-./tests/certbot-boulder-integration.sh
diff --git a/tests/integration/_common.sh b/tests/integration/_common.sh
deleted file mode 100755
index a0cf3d1b4..000000000
--- a/tests/integration/_common.sh
+++ /dev/null
@@ -1,74 +0,0 @@
-# The -t is required on macOS. It provides a template file path for
-# the kernel to use.
-root=${root:-$(mktemp -d -t leitXXXX)}
-echo "Root integration tests directory: $root"
-config_dir="$root/conf"
-https_port=5001
-http_01_port=5002
-sources="acme/,$(ls -dm certbot*/ | tr -d ' \n')"
-export root config_dir https_port http_01_port sources
-certbot_path="$(command -v certbot)"
-# Flags that are added here will be added to Certbot calls within
-# certbot_test_no_force_renew.
-other_flags="--config-dir $config_dir --work-dir $root/work"
-other_flags="$other_flags --logs-dir $root/logs"
-
-certbot_test () {
-    certbot_test_no_force_renew \
-        --renew-by-default \
-        "$@"
-}
-
-# Succeeds if Certbot version is at least the given version number and fails
-# otherwise. This is useful for making sure Certbot has certain features
-# available. The patch version is currently ignored.
-#
-# Arguments:
-#   First argument is the minimum major version
-#   Second argument is the minimum minor version
-version_at_least () {
-    # Certbot major and minor version (e.g. 0.30)
-    major_minor=$("$certbot_path" --version 2>&1 | cut -d' ' -f2 | cut -d. -f1,2)
-    major=$(echo "$major_minor" | cut -d. -f1)
-    minor=$(echo "$major_minor" | cut -d. -f2)
-    # Test that either the major version is greater or major version is equal
-    # and minor version is greater than or equal to.
-    [ \( "$major" -gt "$1" \) -o \( "$major" -eq "$1" -a "$minor" -ge "$2" \) ]
-}
-
-# Use local ACMEv2 endpoint if requested and SERVER isn't already set.
-if [ "${BOULDER_INTEGRATION:-v1}" = "v2" -a -z "${SERVER:+x}" ]; then
-    SERVER="http://localhost:4001/directory"
-fi
-
-# --no-random-sleep-on-renew was added in
-# https://github.com/certbot/certbot/pull/6599 and first released in Certbot
-# 0.30.0.
-if version_at_least 0 30; then
-  other_flags="$other_flags --no-random-sleep-on-renew"
-fi
-
-certbot_test_no_force_renew () {
-    omit_patterns="*/*.egg-info/*,*/dns_common*,*/setup.py,*/test_*,*/tests/*"
-    omit_patterns="$omit_patterns,*_test.py,*_test_*,certbot-apache/*"
-    omit_patterns="$omit_patterns,certbot-compatibility-test/*,certbot-dns*/"
-    omit_patterns="$omit_patterns,certbot-nginx/certbot_nginx/parser_obj.py"
-    coverage run \
-        --append \
-        --source $sources \
-        --omit $omit_patterns \
-        "$certbot_path" \
-            --server "${SERVER:-http://localhost:4000/directory}" \
-            --no-verify-ssl \
-            --http-01-port $http_01_port \
-            --https-port $https_port \
-            --manual-public-ip-logging-ok \
-            $other_flags \
-            --non-interactive \
-            --no-redirect \
-            --agree-tos \
-            --register-unsafely-without-email \
-            --debug \
-            -vv \
-            "$@"
-}
diff --git a/tests/integration/sample-config/accounts/acme-staging.api.letsencrypt.org/directory/48d6b9e8d767eccf7e4d877d6ffa81e3/meta.json b/tests/integration/sample-config/accounts/acme-staging.api.letsencrypt.org/directory/48d6b9e8d767eccf7e4d877d6ffa81e3/meta.json
deleted file mode 100644
index 6fe0b47f3..000000000
--- a/tests/integration/sample-config/accounts/acme-staging.api.letsencrypt.org/directory/48d6b9e8d767eccf7e4d877d6ffa81e3/meta.json
+++ /dev/null
@@ -1 +0,0 @@
-{"creation_host": "ec2-52-91-193-99.compute-1.amazonaws.com", "creation_dt": "2016-12-23T02:08:32Z"}
\ No newline at end of file
diff --git a/tests/integration/sample-config/accounts/acme-staging.api.letsencrypt.org/directory/48d6b9e8d767eccf7e4d877d6ffa81e3/private_key.json b/tests/integration/sample-config/accounts/acme-staging.api.letsencrypt.org/directory/48d6b9e8d767eccf7e4d877d6ffa81e3/private_key.json
deleted file mode 100644
index 0affb573d..000000000
--- a/tests/integration/sample-config/accounts/acme-staging.api.letsencrypt.org/directory/48d6b9e8d767eccf7e4d877d6ffa81e3/private_key.json
+++ /dev/null
@@ -1 +0,0 @@
-{"e": "AQAB", "d": "W410Wny96RO4qJ207KGQ3RSn0KAwqb93JBMHWU1yS9H3fN_2eCpFYdMLNFI9t1__nW1okeUioEfvMN_YW-G9krw97kVdZ63MfbeJCf35Onc8VZhAnk_3V8MtS26Of8ml0tTYhlQ65nuzhvHbY7aP-Uk260oDN-AbCCVhu5G4CQiMY6sdtCc8YkB6gK7SK874oWU7ogvAIPtNtEI-AXDUBYNAfoh34s1r2fE6mJSX4UYtzWB2hTUisvZdVL5JUInvxpCQFttk1cwWLFwwb6d2ERCbseeudvGJ6fkYiJ-EYxfHKOQK2kxPeOlLFMwGYQ0khDxTNajxQ1Asl43r7wgAeQ", "n": "xL5HzdhU_7P-_tphpRxpDSIL2L-aAlWt6r9EVyw53Sp-jx4fHDgnYv9HQOzNeL_IpLRCLLBItMzqnBvHUdHcS3aB6fv8HSNiHdVdC-c2rPFO8DLSGLNqi9G9WshjLDsKwc__BPNX5wHFcm8TZUJ4uZ_Ax1JCe05ePHWAf8GTr8vPaKtMpUVF55HPwpJtYvFZlH1LiVo8I_trJtHl8-pGeel3zdcaDJgNZrohZG2acTg95Ry46FE4HOslAg8Z6yECPyYLInJSDcb5yCgSqtOOp7rMVSPQFhoZRt4KDfew9lqIwNQSJoDE3bJWpwkzL1tp4clG8ExI1WnA86OjW83Vvw", "q": "0xdfHMMKYWHPE1UoQ10niDI7rnCM9vmPo4JpCOCYZf51KPNJgNaPCw62Q0Y-ZQfCBifypQyf291d0_2C_Rif0WMg07Y-Ypv8SpPK77vLV12GoAoAX2Xy3AJAz1gDBcyUzDtRlrzgCZja9YqIDVzMatkdPJXaBrBu5B-sXv4wGa0", "p": "7pl5xe_400Sn6PdN_F6KLWHFROVd7379WPWGHYmnvOvXx7DmrMjDsTOmhNRlrv7jPemVqMzp1FGsubGBizEMFGyCET30bUgH6ZU7Cmgv-2JKKN1FZnm1QTepZ7kjAT_qRCI6nvN6J0SIX197QOSz3hMmP7UYQXQ32QcVKdCksps", "kty": "RSA", "qi": "zG60VpLZjgR0o7dTeEP-HjbtxHUedyZLGe4FIPyWrPRl28anebkMUGzibpB8z5ohRsqHU2i4tmDq2NMvshISqkpk8t5PLiIcQgU46HQ24SCv7lunkVPKYU1n2uXVVfttrBP4c3UkjYzda1bcIVp6cJHanm_JuWI5nxy9ebVQJiw", "dp": "kRIBx0aj7Jh22x_aa9JzgypKDhzDY4W7tmX5-GWk9ioTVZgKeQ3MZiZ4XZTiimbxdchbNXn5xh0uvuzdTesxZA2he6hGwFcmcHBKqIY2fksBuhznQGpJuXCFcMpRLUZWQrzpFZIGOG_j1tEwGIG1lxXfkKakK8_k0PEMfhMcwHc", "dq": "AsoSRa0GHBdQxy6e45T9ir0vMLToB_NwRHbasHVXTjG4lpvwYrVzGnBNVEI_XNJna_FnMWsjSaJ5NO3qpzGGGxw2ONX1qRPql4mwas6Od08TElZPfvM37FRTSuoc0BzN8ozuHRHN3BKbAheciKCrStYnnr9ULDZ0oKsSegbd19k"}
\ No newline at end of file
diff --git a/tests/integration/sample-config/accounts/acme-staging.api.letsencrypt.org/directory/48d6b9e8d767eccf7e4d877d6ffa81e3/regr.json b/tests/integration/sample-config/accounts/acme-staging.api.letsencrypt.org/directory/48d6b9e8d767eccf7e4d877d6ffa81e3/regr.json
deleted file mode 100644
index fdd2df7da..000000000
--- a/tests/integration/sample-config/accounts/acme-staging.api.letsencrypt.org/directory/48d6b9e8d767eccf7e4d877d6ffa81e3/regr.json
+++ /dev/null
@@ -1 +0,0 @@
-{"body": {"agreement": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf", "key": {"e": "AQAB", "kty": "RSA", "n": "xL5HzdhU_7P-_tphpRxpDSIL2L-aAlWt6r9EVyw53Sp-jx4fHDgnYv9HQOzNeL_IpLRCLLBItMzqnBvHUdHcS3aB6fv8HSNiHdVdC-c2rPFO8DLSGLNqi9G9WshjLDsKwc__BPNX5wHFcm8TZUJ4uZ_Ax1JCe05ePHWAf8GTr8vPaKtMpUVF55HPwpJtYvFZlH1LiVo8I_trJtHl8-pGeel3zdcaDJgNZrohZG2acTg95Ry46FE4HOslAg8Z6yECPyYLInJSDcb5yCgSqtOOp7rMVSPQFhoZRt4KDfew9lqIwNQSJoDE3bJWpwkzL1tp4clG8ExI1WnA86OjW83Vvw"}}, "uri": "https://acme-staging.api.letsencrypt.org/acme/reg/566631", "new_authzr_uri": "https://acme-staging.api.letsencrypt.org/acme/new-authz", "terms_of_service": "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf"}
\ No newline at end of file
diff --git a/tests/integration/sample-config/archive/a.encryption-example.com/cert1.pem b/tests/integration/sample-config/archive/a.encryption-example.com/cert1.pem
deleted file mode 100644
index 80739dd3f..000000000
--- a/tests/integration/sample-config/archive/a.encryption-example.com/cert1.pem
+++ /dev/null
@@ -1,29 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIE9TCCA92gAwIBAgITAPrA8hxQOlpVRMgAm/Ib0HYdqzANBgkqhkiG9w0BAQsF
-ADAiMSAwHgYDVQQDDBdGYWtlIExFIEludGVybWVkaWF0ZSBYMTAeFw0xNjEyMjMw
-MTAyMDBaFw0xNzAzMjMwMTAyMDBaMCMxITAfBgNVBAMTGGEuZW5jcnlwdGlvbi1l
-eGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqz0cco
-hsCqyWPwGr79a8j+JO3HqbphLTzhoNHYF+fW8glyMyBmOMyZjc8v8E3U3KYEXuuR
-WzR+bvUXBcLOhSogIifZDNiMKEFyDNcDlG08ze9GTj2hTQyjet2ZuPWNuuJ4u5UM
-FvobaceDqITuqEqUrjCBi5CmEXswrV3l2BVSiOcPf+l+ZR81xG7qcjGfLG6YQWca
-nsYYorz/kSRtwYjAT4NaeUYNXVeH1luWTWhbed8pmKfBVfv+OEmwUyAhSE1ePfny
-Cj37wo1+nqQz37IJNEpI0RNbxrE7ZCgA40QrFVqc9XevcypFi9DftVWzDNBtd97Q
-lmHuIqA9Kb3C/e8CAwEAAaOCAiEwggIdMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
-FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
-C7/XcCnNRht91hnQVEB2E9AtNUowHwYDVR0jBBgwFoAUwMwDRrlYIMxccnDz4S7L
-IKb1aDoweAYIKwYBBQUHAQEEbDBqMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5z
-dGctaW50LXgxLmxldHNlbmNyeXB0Lm9yZy8wMwYIKwYBBQUHMAKGJ2h0dHA6Ly9j
-ZXJ0LnN0Zy1pbnQteDEubGV0c2VuY3J5cHQub3JnLzAjBgNVHREEHDAaghhhLmVu
-Y3J5cHRpb24tZXhhbXBsZS5jb20wgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYG
-CysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNy
-eXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBv
-bmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBp
-biBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBh
-dCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0B
-AQsFAAOCAQEAP04z87VVNYYHpBkCLkw3B+gTd/F0xDo7ab2HvJJAeOpZgSfoSYMR
-omYWiug9wGQqKjs4kaOGjAkW1EV3qosumOtvK7uTvoa2caXDjPYAxRiVIp08Qm0J
-/FU/FfGpUXBZW9Ne3m3nDYxOCAWAw9WmV+dUuvb7qZWQSKs7cQv3FY/NuQe0o9LH
-FgL7T0W7vc6uVGeBgcoEkX7xX4T7A9V3BqL6mgkK+L++n0EFrDXXzWWENNdWYCvY
-Ptu0Ez95IyYNRgI3U1waO9QZ944Pc9OuMCZD4ifbYoMKGqSQb3sGR+B2TQ+qqCUC
-4sikdX4WRbEYKlBTcvSpCVJ7ndFTyD6lyg==
------END CERTIFICATE-----
diff --git a/tests/integration/sample-config/archive/a.encryption-example.com/chain1.pem b/tests/integration/sample-config/archive/a.encryption-example.com/chain1.pem
deleted file mode 100644
index 29a54e2a1..000000000
--- a/tests/integration/sample-config/archive/a.encryption-example.com/chain1.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEqzCCApOgAwIBAgIRAIvhKg5ZRO08VGQx8JdhT+UwDQYJKoZIhvcNAQELBQAw
-GjEYMBYGA1UEAwwPRmFrZSBMRSBSb290IFgxMB4XDTE2MDUyMzIyMDc1OVoXDTM2
-MDUyMzIyMDc1OVowIjEgMB4GA1UEAwwXRmFrZSBMRSBJbnRlcm1lZGlhdGUgWDEw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtWKySDn7rWZc5ggjz3ZB0
-8jO4xti3uzINfD5sQ7Lj7hzetUT+wQob+iXSZkhnvx+IvdbXF5/yt8aWPpUKnPym
-oLxsYiI5gQBLxNDzIec0OIaflWqAr29m7J8+NNtApEN8nZFnf3bhehZW7AxmS1m0
-ZnSsdHw0Fw+bgixPg2MQ9k9oefFeqa+7Kqdlz5bbrUYV2volxhDFtnI4Mh8BiWCN
-xDH1Hizq+GKCcHsinDZWurCqder/afJBnQs+SBSL6MVApHt+d35zjBD92fO2Je56
-dhMfzCgOKXeJ340WhW3TjD1zqLZXeaCyUNRnfOmWZV8nEhtHOFbUCU7r/KkjMZO9
-AgMBAAGjgeMwgeAwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
-HQYDVR0OBBYEFMDMA0a5WCDMXHJw8+EuyyCm9Wg6MHoGCCsGAQUFBwEBBG4wbDA0
-BggrBgEFBQcwAYYoaHR0cDovL29jc3Auc3RnLXJvb3QteDEubGV0c2VuY3J5cHQu
-b3JnLzA0BggrBgEFBQcwAoYoaHR0cDovL2NlcnQuc3RnLXJvb3QteDEubGV0c2Vu
-Y3J5cHQub3JnLzAfBgNVHSMEGDAWgBTBJnSkikSg5vogKNhcI5pFiBh54DANBgkq
-hkiG9w0BAQsFAAOCAgEABYSu4Il+fI0MYU42OTmEj+1HqQ5DvyAeyCA6sGuZdwjF
-UGeVOv3NnLyfofuUOjEbY5irFCDtnv+0ckukUZN9lz4Q2YjWGUpW4TTu3ieTsaC9
-AFvCSgNHJyWSVtWvB5XDxsqawl1KzHzzwr132bF2rtGtazSqVqK9E07sGHMCf+zp
-DQVDVVGtqZPHwX3KqUtefE621b8RI6VCl4oD30Olf8pjuzG4JKBFRFclzLRjo/h7
-IkkfjZ8wDa7faOjVXx6n+eUQ29cIMCzr8/rNWHS9pYGGQKJiY2xmVC9h12H99Xyf
-zWE9vb5zKP3MVG6neX1hSdo7PEAb9fqRhHkqVsqUvJlIRmvXvVKTwNCP3eCjRCCI
-PTAvjV+4ni786iXwwFYNz8l3PmPLCyQXWGohnJ8iBm+5nk7O2ynaPVW0U2W+pt2w
-SVuvdDM5zGv2f9ltNWUiYZHJ1mmO97jSY/6YfdOUH66iRtQtDkHBRdkNBsMbD+Em
-2TgBldtHNSJBfB3pm9FblgOcJ0FSWcUDWJ7vO0+NTXlgrRofRT6pVywzxVo6dND0
-WzYlTWeUVsO40xJqhgUQRER9YLOLxJ0O6C8i0xFxAMKOtSdodMB3RIwt7RFQ0uyt
-n5Z5MqkYhlMI3J1tPRTp1nEt9fyGspBOO05gi148Qasp+3N+svqKomoQglNoAxU=
------END CERTIFICATE-----
diff --git a/tests/integration/sample-config/archive/a.encryption-example.com/fullchain1.pem b/tests/integration/sample-config/archive/a.encryption-example.com/fullchain1.pem
deleted file mode 100644
index ba245d213..000000000
--- a/tests/integration/sample-config/archive/a.encryption-example.com/fullchain1.pem
+++ /dev/null
@@ -1,56 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIE9TCCA92gAwIBAgITAPrA8hxQOlpVRMgAm/Ib0HYdqzANBgkqhkiG9w0BAQsF
-ADAiMSAwHgYDVQQDDBdGYWtlIExFIEludGVybWVkaWF0ZSBYMTAeFw0xNjEyMjMw
-MTAyMDBaFw0xNzAzMjMwMTAyMDBaMCMxITAfBgNVBAMTGGEuZW5jcnlwdGlvbi1l
-eGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqz0cco
-hsCqyWPwGr79a8j+JO3HqbphLTzhoNHYF+fW8glyMyBmOMyZjc8v8E3U3KYEXuuR
-WzR+bvUXBcLOhSogIifZDNiMKEFyDNcDlG08ze9GTj2hTQyjet2ZuPWNuuJ4u5UM
-FvobaceDqITuqEqUrjCBi5CmEXswrV3l2BVSiOcPf+l+ZR81xG7qcjGfLG6YQWca
-nsYYorz/kSRtwYjAT4NaeUYNXVeH1luWTWhbed8pmKfBVfv+OEmwUyAhSE1ePfny
-Cj37wo1+nqQz37IJNEpI0RNbxrE7ZCgA40QrFVqc9XevcypFi9DftVWzDNBtd97Q
-lmHuIqA9Kb3C/e8CAwEAAaOCAiEwggIdMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
-FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
-C7/XcCnNRht91hnQVEB2E9AtNUowHwYDVR0jBBgwFoAUwMwDRrlYIMxccnDz4S7L
-IKb1aDoweAYIKwYBBQUHAQEEbDBqMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5z
-dGctaW50LXgxLmxldHNlbmNyeXB0Lm9yZy8wMwYIKwYBBQUHMAKGJ2h0dHA6Ly9j
-ZXJ0LnN0Zy1pbnQteDEubGV0c2VuY3J5cHQub3JnLzAjBgNVHREEHDAaghhhLmVu
-Y3J5cHRpb24tZXhhbXBsZS5jb20wgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYG
-CysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNy
-eXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBv
-bmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBp
-biBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBh
-dCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0B
-AQsFAAOCAQEAP04z87VVNYYHpBkCLkw3B+gTd/F0xDo7ab2HvJJAeOpZgSfoSYMR
-omYWiug9wGQqKjs4kaOGjAkW1EV3qosumOtvK7uTvoa2caXDjPYAxRiVIp08Qm0J
-/FU/FfGpUXBZW9Ne3m3nDYxOCAWAw9WmV+dUuvb7qZWQSKs7cQv3FY/NuQe0o9LH
-FgL7T0W7vc6uVGeBgcoEkX7xX4T7A9V3BqL6mgkK+L++n0EFrDXXzWWENNdWYCvY
-Ptu0Ez95IyYNRgI3U1waO9QZ944Pc9OuMCZD4ifbYoMKGqSQb3sGR+B2TQ+qqCUC
-4sikdX4WRbEYKlBTcvSpCVJ7ndFTyD6lyg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEqzCCApOgAwIBAgIRAIvhKg5ZRO08VGQx8JdhT+UwDQYJKoZIhvcNAQELBQAw
-GjEYMBYGA1UEAwwPRmFrZSBMRSBSb290IFgxMB4XDTE2MDUyMzIyMDc1OVoXDTM2
-MDUyMzIyMDc1OVowIjEgMB4GA1UEAwwXRmFrZSBMRSBJbnRlcm1lZGlhdGUgWDEw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtWKySDn7rWZc5ggjz3ZB0
-8jO4xti3uzINfD5sQ7Lj7hzetUT+wQob+iXSZkhnvx+IvdbXF5/yt8aWPpUKnPym
-oLxsYiI5gQBLxNDzIec0OIaflWqAr29m7J8+NNtApEN8nZFnf3bhehZW7AxmS1m0
-ZnSsdHw0Fw+bgixPg2MQ9k9oefFeqa+7Kqdlz5bbrUYV2volxhDFtnI4Mh8BiWCN
-xDH1Hizq+GKCcHsinDZWurCqder/afJBnQs+SBSL6MVApHt+d35zjBD92fO2Je56
-dhMfzCgOKXeJ340WhW3TjD1zqLZXeaCyUNRnfOmWZV8nEhtHOFbUCU7r/KkjMZO9
-AgMBAAGjgeMwgeAwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
-HQYDVR0OBBYEFMDMA0a5WCDMXHJw8+EuyyCm9Wg6MHoGCCsGAQUFBwEBBG4wbDA0
-BggrBgEFBQcwAYYoaHR0cDovL29jc3Auc3RnLXJvb3QteDEubGV0c2VuY3J5cHQu
-b3JnLzA0BggrBgEFBQcwAoYoaHR0cDovL2NlcnQuc3RnLXJvb3QteDEubGV0c2Vu
-Y3J5cHQub3JnLzAfBgNVHSMEGDAWgBTBJnSkikSg5vogKNhcI5pFiBh54DANBgkq
-hkiG9w0BAQsFAAOCAgEABYSu4Il+fI0MYU42OTmEj+1HqQ5DvyAeyCA6sGuZdwjF
-UGeVOv3NnLyfofuUOjEbY5irFCDtnv+0ckukUZN9lz4Q2YjWGUpW4TTu3ieTsaC9
-AFvCSgNHJyWSVtWvB5XDxsqawl1KzHzzwr132bF2rtGtazSqVqK9E07sGHMCf+zp
-DQVDVVGtqZPHwX3KqUtefE621b8RI6VCl4oD30Olf8pjuzG4JKBFRFclzLRjo/h7
-IkkfjZ8wDa7faOjVXx6n+eUQ29cIMCzr8/rNWHS9pYGGQKJiY2xmVC9h12H99Xyf
-zWE9vb5zKP3MVG6neX1hSdo7PEAb9fqRhHkqVsqUvJlIRmvXvVKTwNCP3eCjRCCI
-PTAvjV+4ni786iXwwFYNz8l3PmPLCyQXWGohnJ8iBm+5nk7O2ynaPVW0U2W+pt2w
-SVuvdDM5zGv2f9ltNWUiYZHJ1mmO97jSY/6YfdOUH66iRtQtDkHBRdkNBsMbD+Em
-2TgBldtHNSJBfB3pm9FblgOcJ0FSWcUDWJ7vO0+NTXlgrRofRT6pVywzxVo6dND0
-WzYlTWeUVsO40xJqhgUQRER9YLOLxJ0O6C8i0xFxAMKOtSdodMB3RIwt7RFQ0uyt
-n5Z5MqkYhlMI3J1tPRTp1nEt9fyGspBOO05gi148Qasp+3N+svqKomoQglNoAxU=
------END CERTIFICATE-----
diff --git a/tests/integration/sample-config/archive/a.encryption-example.com/privkey1.pem b/tests/integration/sample-config/archive/a.encryption-example.com/privkey1.pem
deleted file mode 100644
index b3059cb47..000000000
--- a/tests/integration/sample-config/archive/a.encryption-example.com/privkey1.pem
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCqs9HHKIbAqslj
-8Bq+/WvI/iTtx6m6YS084aDR2Bfn1vIJcjMgZjjMmY3PL/BN1NymBF7rkVs0fm71
-FwXCzoUqICIn2QzYjChBcgzXA5RtPM3vRk49oU0Mo3rdmbj1jbrieLuVDBb6G2nH
-g6iE7qhKlK4wgYuQphF7MK1d5dgVUojnD3/pfmUfNcRu6nIxnyxumEFnGp7GGKK8
-/5EkbcGIwE+DWnlGDV1Xh9Zblk1oW3nfKZinwVX7/jhJsFMgIUhNXj358go9+8KN
-fp6kM9+yCTRKSNETW8axO2QoAONEKxVanPV3r3MqRYvQ37VVswzQbXfe0JZh7iKg
-PSm9wv3vAgMBAAECggEAattP6Wz8FaWTlgTaqU44Z8R314VSQULNr7vKETJFnLKY
-JsOfL5vt2F4TQGxQ8Ffcm+xGgw4l2tF+odv8ljrzbzBYUTt06CWsmXNMiFhMVKlo
-fG01Uy0i71Ny+T9eYhCLuXM8cYv04jHA4M0Q8831+WHjPKgLdswOS2BoVkwoHQfc
-xEo40D0sPynd+KRukhgR+5AjwMdaNOV7S8c5iuQYIaZ1Xe5AyfiQkMV4LdbobMDj
-bHzGxdeC5GRVOHnMBYrRotgSt4+bsQGeoV9yWY0WAVvnoDfRBRdWK8yRVhuJY1+D
-WB6sPJ5cOg7Ijclubo9b+EaUkddvP0aCA3FepqNwcQKBgQDR0hz9OSom2fBjLaR2
-mQe3LqnotwPCuMmXuKndGIwJz9KgelBaRNUcvDtnzSzQVZ3h9/YFJKUkoVPVCoAu
-wAF9aBeDGs+LdHerBK8fI87PXwCV0OlZLQfUw1/82dpO/dyYXVeGorrO6FE/Oxb8
-enLerMW0Ocp/MhEgM5lFRUJM1wKBgQDQRauI9QuMoBnl516pOs+7EPRvTwe4oBpO
-iH2U7ryJ/YQTgsx25sDWqQBouEnv3j83wnVh9kApkS8UXFd4ZwuizIFCMlgrxw4x
-nKDsd1TZOLUO2FNi09YWPUnzxzQBOjBeekEIDKUQCLOKttTrjRHgGld3tmVtHWtL
-W+OvNIdcqQKBgCMpqjAJr3W5Wl7UnFY/yRo62MCmQxwT6bzidp0V6woN6Qd52BN4
-q5pYNUBtExCK+J2Q94rfHEnqO2ldjCPJi7ZfhmkzSgrd5twjOdHnJ1Z7Xla9Hw4R
-zNksMN7oB3zrcFecdPmcNeBM8Ki/F1gSkUOeArf0Y2ozkskpvIruU3EbAoGBAMVz
-h7CMQKrNjj/8Hi5qZ05+QH7Wegd7IfWaSRTNUUmxY2nr81Q2aFQaXRzquo4CMgT3
-Arog76t4zR2MfhDUAKATKehMOnMmgDpgt9/3MiXOMTkltchX9PuYl2faT19qfzjS
-xpyPAF43IaA8vZejYnMIBiyka3wLDBGhyDXuovYhAoGAB/AZnOM/4SQuIdtzmBSy
-YsHpXcNgRPqvfauCus3e5I6H4wmi+nqF/jyt0oyDBDKZki67CpStwu5Eo7tcLLnY
-o+VfJ9co8jUfVxRh0NlZwomF1t/8yAm/deWoV9sX9Yj71ft/eomCifNseeeg31Kl
-wkqKc3PndJHrR40mswUOHbs=
------END PRIVATE KEY-----
diff --git a/tests/integration/sample-config/archive/b.encryption-example.com/cert1.pem b/tests/integration/sample-config/archive/b.encryption-example.com/cert1.pem
deleted file mode 100644
index 0c1c6b5ef..000000000
--- a/tests/integration/sample-config/archive/b.encryption-example.com/cert1.pem
+++ /dev/null
@@ -1,29 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIE9TCCA92gAwIBAgITAPqBl0IgXf6F9LO/8sV1SsoA9DANBgkqhkiG9w0BAQsF
-ADAiMSAwHgYDVQQDDBdGYWtlIExFIEludGVybWVkaWF0ZSBYMTAeFw0xNjEyMjMw
-MTA0MDBaFw0xNzAzMjMwMTA0MDBaMCMxITAfBgNVBAMTGGIuZW5jcnlwdGlvbi1l
-eGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALWA6tWR
-FAfYyOEM9HtJXK4tCd1tGF2QZrlJHEL3PJzFHonv7ZaPo6Vkrar1uLinM4AVux/f
-s9vcsbdebu54DXpj1IllzjKs3tjStHK46luMqj8gf+3yLZIIVnN4YxkItd1WBtim
-+144ku1gULsGnnHmuCefXz6qqkLzFZsElqO7NY+TL4F4m/L0lDjYsU++XgbHT9gi
-Tw0jAi8SyH8Ia4IYi4ynnMuHuS11e+yOtq16kLW1RdnxrYpleu9z0DU+6Xlr1tbl
-eSkyzbWelDgdsicfOxZz5pbmALXErb472TidcHHK6bsMVhR/P1zQK9Ydc+tC33d0
-XCRRgPoduN8XRfcCAwEAAaOCAiEwggIdMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
-FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
-RJ6J6HcpXRdRjqfyGshMEzkJy4cwHwYDVR0jBBgwFoAUwMwDRrlYIMxccnDz4S7L
-IKb1aDoweAYIKwYBBQUHAQEEbDBqMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5z
-dGctaW50LXgxLmxldHNlbmNyeXB0Lm9yZy8wMwYIKwYBBQUHMAKGJ2h0dHA6Ly9j
-ZXJ0LnN0Zy1pbnQteDEubGV0c2VuY3J5cHQub3JnLzAjBgNVHREEHDAaghhiLmVu
-Y3J5cHRpb24tZXhhbXBsZS5jb20wgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYG
-CysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNy
-eXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBv
-bmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBp
-biBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBh
-dCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0B
-AQsFAAOCAQEA2K8R+nSf9TmfSeUqB+ckObkf8bgyR0qKx/8fGoYGNAzKVE0KUs8u
-SDIITjbcTivEuSChycZAGQMEMZal8uT8GsFqqJUcEJUzuxbv7nvZkCSdal1PrRsw
-U4cBBuuZ/NvisEZCyjZe8mMdlhcSgThzqljF5Tcz3EWvaH9kxhqr8eL/6pYdAasT
-0HqirveIQUrf9LqEEAYGB3P6VI2kjroxUZif7dt2jvOGwJEJfHOjiC8rp0Db0hVZ
-omXSsZN6mVkbv1q0I7lgKWu1RHfNAefado3TJZHe8JJ5Oxrl3f2hxi3SzuPGgfXV
-ZdKb0zjDXhgumrp0F2eT9zltTIUr8alYcg==
------END CERTIFICATE-----
diff --git a/tests/integration/sample-config/archive/b.encryption-example.com/chain1.pem b/tests/integration/sample-config/archive/b.encryption-example.com/chain1.pem
deleted file mode 100644
index 29a54e2a1..000000000
--- a/tests/integration/sample-config/archive/b.encryption-example.com/chain1.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEqzCCApOgAwIBAgIRAIvhKg5ZRO08VGQx8JdhT+UwDQYJKoZIhvcNAQELBQAw
-GjEYMBYGA1UEAwwPRmFrZSBMRSBSb290IFgxMB4XDTE2MDUyMzIyMDc1OVoXDTM2
-MDUyMzIyMDc1OVowIjEgMB4GA1UEAwwXRmFrZSBMRSBJbnRlcm1lZGlhdGUgWDEw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtWKySDn7rWZc5ggjz3ZB0
-8jO4xti3uzINfD5sQ7Lj7hzetUT+wQob+iXSZkhnvx+IvdbXF5/yt8aWPpUKnPym
-oLxsYiI5gQBLxNDzIec0OIaflWqAr29m7J8+NNtApEN8nZFnf3bhehZW7AxmS1m0
-ZnSsdHw0Fw+bgixPg2MQ9k9oefFeqa+7Kqdlz5bbrUYV2volxhDFtnI4Mh8BiWCN
-xDH1Hizq+GKCcHsinDZWurCqder/afJBnQs+SBSL6MVApHt+d35zjBD92fO2Je56
-dhMfzCgOKXeJ340WhW3TjD1zqLZXeaCyUNRnfOmWZV8nEhtHOFbUCU7r/KkjMZO9
-AgMBAAGjgeMwgeAwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
-HQYDVR0OBBYEFMDMA0a5WCDMXHJw8+EuyyCm9Wg6MHoGCCsGAQUFBwEBBG4wbDA0
-BggrBgEFBQcwAYYoaHR0cDovL29jc3Auc3RnLXJvb3QteDEubGV0c2VuY3J5cHQu
-b3JnLzA0BggrBgEFBQcwAoYoaHR0cDovL2NlcnQuc3RnLXJvb3QteDEubGV0c2Vu
-Y3J5cHQub3JnLzAfBgNVHSMEGDAWgBTBJnSkikSg5vogKNhcI5pFiBh54DANBgkq
-hkiG9w0BAQsFAAOCAgEABYSu4Il+fI0MYU42OTmEj+1HqQ5DvyAeyCA6sGuZdwjF
-UGeVOv3NnLyfofuUOjEbY5irFCDtnv+0ckukUZN9lz4Q2YjWGUpW4TTu3ieTsaC9
-AFvCSgNHJyWSVtWvB5XDxsqawl1KzHzzwr132bF2rtGtazSqVqK9E07sGHMCf+zp
-DQVDVVGtqZPHwX3KqUtefE621b8RI6VCl4oD30Olf8pjuzG4JKBFRFclzLRjo/h7
-IkkfjZ8wDa7faOjVXx6n+eUQ29cIMCzr8/rNWHS9pYGGQKJiY2xmVC9h12H99Xyf
-zWE9vb5zKP3MVG6neX1hSdo7PEAb9fqRhHkqVsqUvJlIRmvXvVKTwNCP3eCjRCCI
-PTAvjV+4ni786iXwwFYNz8l3PmPLCyQXWGohnJ8iBm+5nk7O2ynaPVW0U2W+pt2w
-SVuvdDM5zGv2f9ltNWUiYZHJ1mmO97jSY/6YfdOUH66iRtQtDkHBRdkNBsMbD+Em
-2TgBldtHNSJBfB3pm9FblgOcJ0FSWcUDWJ7vO0+NTXlgrRofRT6pVywzxVo6dND0
-WzYlTWeUVsO40xJqhgUQRER9YLOLxJ0O6C8i0xFxAMKOtSdodMB3RIwt7RFQ0uyt
-n5Z5MqkYhlMI3J1tPRTp1nEt9fyGspBOO05gi148Qasp+3N+svqKomoQglNoAxU=
------END CERTIFICATE-----
diff --git a/tests/integration/sample-config/archive/b.encryption-example.com/fullchain1.pem b/tests/integration/sample-config/archive/b.encryption-example.com/fullchain1.pem
deleted file mode 100644
index 705cca6c3..000000000
--- a/tests/integration/sample-config/archive/b.encryption-example.com/fullchain1.pem
+++ /dev/null
@@ -1,56 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIE9TCCA92gAwIBAgITAPqBl0IgXf6F9LO/8sV1SsoA9DANBgkqhkiG9w0BAQsF
-ADAiMSAwHgYDVQQDDBdGYWtlIExFIEludGVybWVkaWF0ZSBYMTAeFw0xNjEyMjMw
-MTA0MDBaFw0xNzAzMjMwMTA0MDBaMCMxITAfBgNVBAMTGGIuZW5jcnlwdGlvbi1l
-eGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALWA6tWR
-FAfYyOEM9HtJXK4tCd1tGF2QZrlJHEL3PJzFHonv7ZaPo6Vkrar1uLinM4AVux/f
-s9vcsbdebu54DXpj1IllzjKs3tjStHK46luMqj8gf+3yLZIIVnN4YxkItd1WBtim
-+144ku1gULsGnnHmuCefXz6qqkLzFZsElqO7NY+TL4F4m/L0lDjYsU++XgbHT9gi
-Tw0jAi8SyH8Ia4IYi4ynnMuHuS11e+yOtq16kLW1RdnxrYpleu9z0DU+6Xlr1tbl
-eSkyzbWelDgdsicfOxZz5pbmALXErb472TidcHHK6bsMVhR/P1zQK9Ydc+tC33d0
-XCRRgPoduN8XRfcCAwEAAaOCAiEwggIdMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
-FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
-RJ6J6HcpXRdRjqfyGshMEzkJy4cwHwYDVR0jBBgwFoAUwMwDRrlYIMxccnDz4S7L
-IKb1aDoweAYIKwYBBQUHAQEEbDBqMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5z
-dGctaW50LXgxLmxldHNlbmNyeXB0Lm9yZy8wMwYIKwYBBQUHMAKGJ2h0dHA6Ly9j
-ZXJ0LnN0Zy1pbnQteDEubGV0c2VuY3J5cHQub3JnLzAjBgNVHREEHDAaghhiLmVu
-Y3J5cHRpb24tZXhhbXBsZS5jb20wgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYG
-CysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNy
-eXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBv
-bmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBp
-biBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBh
-dCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0B
-AQsFAAOCAQEA2K8R+nSf9TmfSeUqB+ckObkf8bgyR0qKx/8fGoYGNAzKVE0KUs8u
-SDIITjbcTivEuSChycZAGQMEMZal8uT8GsFqqJUcEJUzuxbv7nvZkCSdal1PrRsw
-U4cBBuuZ/NvisEZCyjZe8mMdlhcSgThzqljF5Tcz3EWvaH9kxhqr8eL/6pYdAasT
-0HqirveIQUrf9LqEEAYGB3P6VI2kjroxUZif7dt2jvOGwJEJfHOjiC8rp0Db0hVZ
-omXSsZN6mVkbv1q0I7lgKWu1RHfNAefado3TJZHe8JJ5Oxrl3f2hxi3SzuPGgfXV
-ZdKb0zjDXhgumrp0F2eT9zltTIUr8alYcg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEqzCCApOgAwIBAgIRAIvhKg5ZRO08VGQx8JdhT+UwDQYJKoZIhvcNAQELBQAw
-GjEYMBYGA1UEAwwPRmFrZSBMRSBSb290IFgxMB4XDTE2MDUyMzIyMDc1OVoXDTM2
-MDUyMzIyMDc1OVowIjEgMB4GA1UEAwwXRmFrZSBMRSBJbnRlcm1lZGlhdGUgWDEw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtWKySDn7rWZc5ggjz3ZB0
-8jO4xti3uzINfD5sQ7Lj7hzetUT+wQob+iXSZkhnvx+IvdbXF5/yt8aWPpUKnPym
-oLxsYiI5gQBLxNDzIec0OIaflWqAr29m7J8+NNtApEN8nZFnf3bhehZW7AxmS1m0
-ZnSsdHw0Fw+bgixPg2MQ9k9oefFeqa+7Kqdlz5bbrUYV2volxhDFtnI4Mh8BiWCN
-xDH1Hizq+GKCcHsinDZWurCqder/afJBnQs+SBSL6MVApHt+d35zjBD92fO2Je56
-dhMfzCgOKXeJ340WhW3TjD1zqLZXeaCyUNRnfOmWZV8nEhtHOFbUCU7r/KkjMZO9
-AgMBAAGjgeMwgeAwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
-HQYDVR0OBBYEFMDMA0a5WCDMXHJw8+EuyyCm9Wg6MHoGCCsGAQUFBwEBBG4wbDA0
-BggrBgEFBQcwAYYoaHR0cDovL29jc3Auc3RnLXJvb3QteDEubGV0c2VuY3J5cHQu
-b3JnLzA0BggrBgEFBQcwAoYoaHR0cDovL2NlcnQuc3RnLXJvb3QteDEubGV0c2Vu
-Y3J5cHQub3JnLzAfBgNVHSMEGDAWgBTBJnSkikSg5vogKNhcI5pFiBh54DANBgkq
-hkiG9w0BAQsFAAOCAgEABYSu4Il+fI0MYU42OTmEj+1HqQ5DvyAeyCA6sGuZdwjF
-UGeVOv3NnLyfofuUOjEbY5irFCDtnv+0ckukUZN9lz4Q2YjWGUpW4TTu3ieTsaC9
-AFvCSgNHJyWSVtWvB5XDxsqawl1KzHzzwr132bF2rtGtazSqVqK9E07sGHMCf+zp
-DQVDVVGtqZPHwX3KqUtefE621b8RI6VCl4oD30Olf8pjuzG4JKBFRFclzLRjo/h7
-IkkfjZ8wDa7faOjVXx6n+eUQ29cIMCzr8/rNWHS9pYGGQKJiY2xmVC9h12H99Xyf
-zWE9vb5zKP3MVG6neX1hSdo7PEAb9fqRhHkqVsqUvJlIRmvXvVKTwNCP3eCjRCCI
-PTAvjV+4ni786iXwwFYNz8l3PmPLCyQXWGohnJ8iBm+5nk7O2ynaPVW0U2W+pt2w
-SVuvdDM5zGv2f9ltNWUiYZHJ1mmO97jSY/6YfdOUH66iRtQtDkHBRdkNBsMbD+Em
-2TgBldtHNSJBfB3pm9FblgOcJ0FSWcUDWJ7vO0+NTXlgrRofRT6pVywzxVo6dND0
-WzYlTWeUVsO40xJqhgUQRER9YLOLxJ0O6C8i0xFxAMKOtSdodMB3RIwt7RFQ0uyt
-n5Z5MqkYhlMI3J1tPRTp1nEt9fyGspBOO05gi148Qasp+3N+svqKomoQglNoAxU=
------END CERTIFICATE-----
diff --git a/tests/integration/sample-config/archive/b.encryption-example.com/privkey1.pem b/tests/integration/sample-config/archive/b.encryption-example.com/privkey1.pem
deleted file mode 100644
index c43af4f50..000000000
--- a/tests/integration/sample-config/archive/b.encryption-example.com/privkey1.pem
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC1gOrVkRQH2Mjh
-DPR7SVyuLQndbRhdkGa5SRxC9zycxR6J7+2Wj6OlZK2q9bi4pzOAFbsf37Pb3LG3
-Xm7ueA16Y9SJZc4yrN7Y0rRyuOpbjKo/IH/t8i2SCFZzeGMZCLXdVgbYpvteOJLt
-YFC7Bp5x5rgnn18+qqpC8xWbBJajuzWPky+BeJvy9JQ42LFPvl4Gx0/YIk8NIwIv
-Esh/CGuCGIuMp5zLh7ktdXvsjratepC1tUXZ8a2KZXrvc9A1Pul5a9bW5XkpMs21
-npQ4HbInHzsWc+aW5gC1xK2+O9k4nXBxyum7DFYUfz9c0CvWHXPrQt93dFwkUYD6
-HbjfF0X3AgMBAAECggEAYjEnWnjNTF10d4Qps5UBxdzpzFfb6apYWH78AiJ9MRbX
-Kaqab2ywDKdF6Qpcb9FM5EtdW6YLSLPBlUFKZEqgiAkAD4D7J6EsQkLjinkNmI+l
-/tbXPuRY0PsfwgJsIjv7H44N0CGuNdAHdNI5eqTfDSHTmOP4hA+SYvvdQWsfD94r
-m4ocr2YfL4BmEh3hujb8NjVD8csSnFlpeVibtJ1rWiv1otLaEuVmcN49n0rIj0IK
-tiCIdqqIscVZ+P3fFfr/E3oL2nhBqxRnzqoK/HNTpI4JJAbRGP51nVr0QhZYpIuj
-xDM+zeuIt0lMYOzoE+JD0612Q66mokBPHZAd5MuEwQKBgQDbdJUQfcw/9zHuWm4n
-9+wYgMN1QhfJNEr21LUjbe551YapkU389mBJJIlmjH5p67PaMRuJ1o6uRJWv40hf
-Y4xy6iViLc1FExIvRVznxMCIyCELtuvYMiCJtaekFKunziniw8yg5SwSZJY3GlXN
-cDAwIcgb9PPU5rBEip8g0DIp1wKBgQDTunF3OtEoVqdsPSmw5y1767YTCsm3dnVT
-+kwp7ZrX3TJ3Xd6EVPWUBP1HbGD3qfsIR+Ha3Vl8OiLNC4zDoZY886U4qY5Mtn4P
-JhUN0H9zYZg2l9gFf9u8RkUoPZPXXuk+eQnlGT133PrkCloDlqP47u/fQ5dV1t6F
-NghgwfOA4QKBgHI/IRMyylBKmj3h6hL4qHqhHiA/Ri7DAHu7hIlrQ4k9ths0wAr/
-IGUzlixC29S8libzBckeX60tm1ez1QuDwaxZZRjVi1V4djERxSoLbchHl5yHoAQv
-JG1Mmnd7I1n6pCefkzn31JfGscUB+sU2sH9+NrUHMqEVb5JfMDRe7p6FAoGAcYGc
-Xqz7gEKkUtSfSyVELxD4dVDtPxuUXsbqmfe1cVA2Q+Pg7NSXKxlZpzak7WEFITVY
-EXtlA8Iu8fnlJuOzpU2BH9VWYi3beseRtew2x2Zksa/JsXkQFekeHiqU3XsWU9WT
-xmw3ldCz+BjMlOvnUAbYNbsIoI4mkQecijKwFkECgYA2zafSyWCW5zAronUBQDEe
-vJumAJ77TwpYzzvH2ic6siWimdePxQ6TgdM3s1FgpdkbaXgKzS5MbZbD0Uyg3MEj
-t6ZT7GSWq39wLDJVDYJ5ClAi8mv9WNs8X8rJ0CkdiPZgHC77OwBELthGn2p9ncar
-Bwhs4S84KEJFT0LAC3YeRQ==
------END PRIVATE KEY-----
diff --git a/tests/integration/sample-config/csr/0000_csr-certbot.pem b/tests/integration/sample-config/csr/0000_csr-certbot.pem
deleted file mode 100644
index 16d73ffde..000000000
--- a/tests/integration/sample-config/csr/0000_csr-certbot.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIChjCCAW4CAQIwFzEVMBMGA1UEAwwMaXMuaXNub3Qub3JnMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7nsHOCTvvQlRYXpI5xE7AggqTVmM8lGi18Y2
-gVlr3WYAS7higHRJjWroAmZ2Bx9IRfHOxwhVWm/hlc/u4w0IYlRnArg6suXrgtn+
-6Ea0WDUCiKEiKvQqD0kaI936hpydU/dY70UZnpKSyi0kiCrLzCkIaXS8HJdLOIXB
-Q4FMVqjppYjUejMgrabthq1QTqU0S4MxwS1oj67VqaAkedGWxFgFQ2kIFV0/WL13
-Xs0SCTYyN96KK1Q2CF63HoN79zc+TVslg32DDU5UF7sVVvlkoHcl0OgR9l4jfou5
-HwmatMjXPI+0bWVxmw6iC6tbK7Dx+ytYIodhEOL52Youzy/lLwIDAQABoCowKAYJ
-KoZIhvcNAQkOMRswGTAXBgNVHREEEDAOggxpcy5pc25vdC5vcmcwDQYJKoZIhvcN
-AQELBQADggEBAAJsLiylvGq64wxVt8EBeXRB4ycBzC5J/pyOWMP9oexW1o3XPhCC
-+0tIQVGk7wJMe3+WiPMVsn4pGOUGDaPvfC7ijlvipzaYyLEfnr+J7pukhYbzNHmu
-XL5lbTJ0hTCfqUjmi1yE4M/v2eX5yNaEHsZExZ1NbtwutE/Tx5iSqt7kxbIoFqmF
-7Tne2JHjt945+/l9yvqaIcEFOmblS0OxY9EjxgJdhKCKbhD/ZoYaVVisc52h/2/M
-jtzvzZr1rZCvFnuQxGDco5vYe3u7uJ9tQHLCMpoIorT3kX3yTdgnWxst6XBVUY/P
-Q6O18obG4ALoP/ESzvTauQIwFVGfal/jqyI=
------END CERTIFICATE REQUEST-----
diff --git a/tests/integration/sample-config/csr/0001_csr-certbot.pem b/tests/integration/sample-config/csr/0001_csr-certbot.pem
deleted file mode 100644
index 452bc45cd..000000000
--- a/tests/integration/sample-config/csr/0001_csr-certbot.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICgDCCAWgCAQIwFDESMBAGA1UEAwwJaXNub3Qub3JnMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAsEAy7rdPsYFFt9VsK9NZy+W9nbsYGmvIaMSyJkEg
-Xe2P0MmnWG/hn6F1bLPm85uS5oQsOWDpwVz31tKhoWhUDbRzPWP5Ur2NnHY92Whz
-5tP4ir4vEEDuB9etQ8+wZ7+3z9q1VhPcgDdYyouQVB0QejJ1yUBiVPr289bW//ln
-kj9DFxn4oufoJ4ELSZSZgWFM92EGKMMy1zD2bJH87mI0Gs0pIOEo+QMJ8TvVEbau
-+aFaTANslqRAF5LaWcrPgvHor7cK5w/4bVBZCmY2QYKqlYwZiRPpwg3Ii6B9Q8kz
-rDkGSDjwsazca4api57cza13XkRl7KvyZbwTwlFBud+ydwIDAQABoCcwJQYJKoZI
-hvcNAQkOMRgwFjAUBgNVHREEDTALgglpc25vdC5vcmcwDQYJKoZIhvcNAQELBQAD
-ggEBAB3vniZw2ML6E9jrMY8DtQjPDDNr1BqOGzyOaJipqpGZSRvhTA44DAAjdFpS
-5BLrnXniPIZGG4/6WorLTEDBnlFcLinUg7GDT2DpauQa+4PLxFi13hE1TuSVOp9A
-08YXhzALvZxMIjQ/tVhAp0+PkGEWU2wI0SmDvUUTJqMwSJYgXkf/vBS34/koKywV
-gPDod5AbLuhYgKiQYwDZ0dd69leT0REmizuaHtA6tW3mBgewSKotwqY3fHmhHV8o
-YLSVhImz4jJjK3LjmcdXuBxqE0z+p6n/+lSGG8RR/E8pix4OAkVAP6nyt/loW1BX
-ZzWOuSHozGN5UJSL248vLFWrsV8=
------END CERTIFICATE REQUEST-----
diff --git a/tests/integration/sample-config/csr/0002_csr-certbot.pem b/tests/integration/sample-config/csr/0002_csr-certbot.pem
deleted file mode 100644
index 2ee44b3fd..000000000
--- a/tests/integration/sample-config/csr/0002_csr-certbot.pem
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICnjCCAYYCAQIwIzEhMB8GA1UEAwwYYS5lbmNyeXB0aW9uLWV4YW1wbGUuY29t
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrPRxyiGwKrJY/Aavv1r
-yP4k7cepumEtPOGg0dgX59byCXIzIGY4zJmNzy/wTdTcpgRe65FbNH5u9RcFws6F
-KiAiJ9kM2IwoQXIM1wOUbTzN70ZOPaFNDKN63Zm49Y264ni7lQwW+htpx4OohO6o
-SpSuMIGLkKYRezCtXeXYFVKI5w9/6X5lHzXEbupyMZ8sbphBZxqexhiivP+RJG3B
-iMBPg1p5Rg1dV4fWW5ZNaFt53ymYp8FV+/44SbBTICFITV49+fIKPfvCjX6epDPf
-sgk0SkjRE1vGsTtkKADjRCsVWpz1d69zKkWL0N+1VbMM0G133tCWYe4ioD0pvcL9
-7wIDAQABoDYwNAYJKoZIhvcNAQkOMScwJTAjBgNVHREEHDAaghhhLmVuY3J5cHRp
-b24tZXhhbXBsZS5jb20wDQYJKoZIhvcNAQELBQADggEBAJyKJHdUwR9BOKYJarUy
-P8mqu6UBUt8faSu6o3EUeDHbnUgxGAVwB5TJV0+JwIjPFQFRofHE8CFhUvi0W0YJ
-BsGVqblnJzz80NkUX9uwjBAGKaDxXqXDOctkQSAOJxM/rvD2uJLmlokibDDm7mnS
-DX8SUVAPgORDGlVTGATjvmA3YeH05gHRFgRDWFP5DOZs99fx4957HrXhsIxew98s
-Felupgswnouyq3crrgcjY0qo3Pc5gjUcuwaT2cjtvzi93f/ImDt6f1sdSSJB00wk
-34lbs/Z+0G8bH1dqYIZzkwNgq7rolhDYh3WRgTlfkgkV7FlkQGm8qn5uoQvaXaaS
-ShM=
------END CERTIFICATE REQUEST-----
diff --git a/tests/integration/sample-config/csr/0003_csr-certbot.pem b/tests/integration/sample-config/csr/0003_csr-certbot.pem
deleted file mode 100644
index 2a50dc33d..000000000
--- a/tests/integration/sample-config/csr/0003_csr-certbot.pem
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICnjCCAYYCAQIwIzEhMB8GA1UEAwwYYi5lbmNyeXB0aW9uLWV4YW1wbGUuY29t
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYDq1ZEUB9jI4Qz0e0lc
-ri0J3W0YXZBmuUkcQvc8nMUeie/tlo+jpWStqvW4uKczgBW7H9+z29yxt15u7ngN
-emPUiWXOMqze2NK0crjqW4yqPyB/7fItkghWc3hjGQi13VYG2Kb7XjiS7WBQuwae
-cea4J59fPqqqQvMVmwSWo7s1j5MvgXib8vSUONixT75eBsdP2CJPDSMCLxLIfwhr
-ghiLjKecy4e5LXV77I62rXqQtbVF2fGtimV673PQNT7peWvW1uV5KTLNtZ6UOB2y
-Jx87FnPmluYAtcStvjvZOJ1wccrpuwxWFH8/XNAr1h1z60Lfd3RcJFGA+h243xdF
-9wIDAQABoDYwNAYJKoZIhvcNAQkOMScwJTAjBgNVHREEHDAaghhiLmVuY3J5cHRp
-b24tZXhhbXBsZS5jb20wDQYJKoZIhvcNAQELBQADggEBACDw8/zjFaIdp4aqyrzT
-fzaqAnoXZt3+0JDPLANy3DLCJmK2TQMyItg/Oid5NEQ45UluXv811IMCcONyVmrD
-19W3XErhTJOJMgpjg4GLBRRFhLm+uTIcbv/xEeUgOYbslsqwi2gHECe1Vsj/Ahbo
-QXXqcDg1cXe6VTQhX+Nw5q30t/oCmkJWcUVHBON2nbOujRz1+z6AjVl1dM+CYDRq
-bsKn7m3biYS7lx7/ApIuhJQsghcmccCtWrH5GsOUsJUgiANv5u+QZgGaajkCRKYV
-fD/u8qTPfKb/+lTxtDrfFOGH+mbZKbKf2/ibneYcql8fFQWiapbudI2cMk8yDxA9
-2Tw=
------END CERTIFICATE REQUEST-----
diff --git a/tests/integration/sample-config/keys/0000_key-certbot.pem b/tests/integration/sample-config/keys/0000_key-certbot.pem
deleted file mode 100644
index 9a018c41e..000000000
--- a/tests/integration/sample-config/keys/0000_key-certbot.pem
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDuewc4JO+9CVFh
-ekjnETsCCCpNWYzyUaLXxjaBWWvdZgBLuGKAdEmNaugCZnYHH0hF8c7HCFVab+GV
-z+7jDQhiVGcCuDqy5euC2f7oRrRYNQKIoSIq9CoPSRoj3fqGnJ1T91jvRRmekpLK
-LSSIKsvMKQhpdLwcl0s4hcFDgUxWqOmliNR6MyCtpu2GrVBOpTRLgzHBLWiPrtWp
-oCR50ZbEWAVDaQgVXT9YvXdezRIJNjI33oorVDYIXrceg3v3Nz5NWyWDfYMNTlQX
-uxVW+WSgdyXQ6BH2XiN+i7kfCZq0yNc8j7RtZXGbDqILq1srsPH7K1gih2EQ4vnZ
-ii7PL+UvAgMBAAECggEBAIX9jeLXrfNSRu0z3b4mCjdsCwiGphCIGayOa5VlfptY
-chYZNQ7jR2gzhsPCedIqm1rhL8LYRcyYS/D2cUwUyH8m2PHIPQLC9/3/KZ+sCiv9
-LL1De4USxobsFcnNMLNtT2Ab+1YERw63X85EauAu226MJ3PI6OBPiS3qyNl6zj9p
-do9SyzsNFEGtDk+ndWf3keoHBKLge4DP1lA3Jt42wSUxVv9U5SLvFpMQm8PqbqrK
-4ofXcgxMFIJHDDGXsoDI7LOOsV6ncBVlui0ELM/QWBb5x1605VxqEDRL+h/wMp5Y
-JIc6HbgcERmtHmyFlHHNtjAXxeulJVDJQDekd/irJ5ECgYEA/WQJ4LwkkA/Yhf2W
-WYJtD8LuwzRnvGs3R+rgx3+hOeO4TFZD5fzObZVRSwWQO2jbOtBJOaRLUsUngcJQ
-DXr/FGf1rnGhLmNeLE+jN9FS73wBhEXViFZ/fzhVibGbc7u45Y5REykZj8HtUHP5
-hBKR2Nx94WDiv1MBgcKrRk6yI50CgYEA8O+vWcMzEdPtonHl8UgTa8/c5g/RBBvS
-plB8mVsmM/E5CNwnetZM32cg7dC7yNaZzn3qF6w+LdE2vw3j5VbqvuVUvsRgvYcJ
-3kMbHsbsxkRw+HVWZGgEtWNzuYQUL0xN+xzIZDWkbtuaihqYAy4voYNAM08BTNcE
-POQEMIGxcDsCgYEAg+TLo3grS/WDjhM2bHcQT9D2uRMRIClqx/uBbzaG9HwNFWcd
-xpv102KSwwstTU9CNfXu95sGPhozez5qrumj1rpaTqgE7wF4JnZ5jfdeRRv2KiSz
-hlkH2m+3TontUauYDZ0rpF6TWJnn7iW/7jhARHJY77SfslkBgsqSnnEeFp0CgYEA
-7FsFVvZRzCRt01UOsPL28mWYmyxa7D/rFvKQONUdFgmG3PUz2aIPCX2e5Q1GmlBD
-1Djbg1uaJ9I8dZJHxbzNTnWk+/ujt2mYuax1F20n65xKgsKA/MC6FcM5TH2QW5Hs
-UfI7d2rUI1hVMzPBeiU93qDmQy825E1uP9mjbn5cNe8CgYAsBpJgS1LkDruyWmjG
-ZTzdHGciA1O3gUArLQmyUfJlPS3Hgwn7wnBBihtGZDHmjJ7734+PQ9ioCnO9Pb+K
-8Cp29vJ85lka7o7I48OeScLmczgEUYOPCrbkkKJdKaG6gn5CKpRBVYDlhbWjVZ51
-4uda/BQ1hqHh8WmxK6x21qC9JQ==
------END PRIVATE KEY-----
diff --git a/tests/integration/sample-config/keys/0001_key-certbot.pem b/tests/integration/sample-config/keys/0001_key-certbot.pem
deleted file mode 100644
index a3a7faf55..000000000
--- a/tests/integration/sample-config/keys/0001_key-certbot.pem
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCwQDLut0+xgUW3
-1Wwr01nL5b2duxgaa8hoxLImQSBd7Y/QyadYb+GfoXVss+bzm5LmhCw5YOnBXPfW
-0qGhaFQNtHM9Y/lSvY2cdj3ZaHPm0/iKvi8QQO4H161Dz7Bnv7fP2rVWE9yAN1jK
-i5BUHRB6MnXJQGJU+vbz1tb/+WeSP0MXGfii5+gngQtJlJmBYUz3YQYowzLXMPZs
-kfzuYjQazSkg4Sj5AwnxO9URtq75oVpMA2yWpEAXktpZys+C8eivtwrnD/htUFkK
-ZjZBgqqVjBmJE+nCDciLoH1DyTOsOQZIOPCxrNxrhqmLntzNrXdeRGXsq/JlvBPC
-UUG537J3AgMBAAECggEBAJoZR27X72GvORmmDFG1FInlcIf8EPLo0exoLaqsvnPh
-RSCzbxEvoQFE1boZARB1MVdCsLfqN/bMJhU5TAAni3YAE9HVGyRwfuQRrbnsTYnA
-Q0prRhLb8kIBHIhxijbrtPaSroF4FA42VfehVqt0TffJLpqrJE5QrqI7cPeVRCzk
-laLyi2rjZBhN6l1OxFSIOrEDlcowlPUMORbmNDMbq/dLu5riVO/kP2x70K1IiANI
-NZzVhMwkktYj3Ku2altRLcyRrC3Bs46w2QF6wiC88/LMapt79um65P/SgcCgyOYE
-oxJywZwMnyw8ut1Y+KS8B7AdzqWmj7Q9wr0xbW6+4eECgYEA6sNrMGZVRUFRPAcr
-m3y5fkM/WJ8tAkT3hI2/noljv3k8iameTy/B/y3p+aM8/6Oa/gdO/SWtfKPednkf
-CIh/3J5tJ1yvK7wHEEU6r6qxVKr2FLCMfSXoGx+E+r9qPF8WdV+55beVgO86UqA5
-y9a6DhNA+Xt4jDJc+rbpga0pj60CgYEAwDHDV0lR7jVT6iiU6VhAu1gM/SBVqXE/
-VSfmGihgaO4pJ9OgfqusKbraNONc+oBub7B4T3sSnF/I0mSUclD6brmG99OWLIg8
-L6/ed+bLPRO0iTvKRLbyBLom1Totfh/X6iQ2Zci40vLIS7kbYDban16ca+iSm+0B
-41RV4q6+vzMCgYBLoxiW6HGStZ+xonHHT+EHsCzppac/su64c18IeiV8HFiH1fFe
-e/mZ+LYIqzJM/u5B6CLn5srFfJqBOzbnbescLqLmarM5eQQhltx4mps1tzs/oT4y
-WBM3IembTC6zMsOun1/qhkKR3wHAe0UDyrP5MvTdLI3DRbq1QFdtY1gfpQKBgEgg
-pNGWJ5RBGSvwbOohf7GPOtioEN3VLVJ09crtSjk23+Uda8b+AE9s20Ur6pHsLwXl
-cVFKu9JJtCEZNAiu0T1KjRdmpZ4yxnuTAed3iuByC7fQ43jkO3GAtuAgxD/oDWzG
-iE+sg4hPKtIYNujlzSgwJn3su1CfIq1A0jaPI/C3AoGAHGTBtsXdR1goFvcxwA+n
-l2bAs/InoED5nj26a//JuONgtGlm//QKCxIgjjktpeZm8sfsaYeR+rwIUODWRX/e
-LUF85a70SaH+FZRXBRS2d/zaNxO4F37nE5fwO+VAurSb7El7yOyCepK22iSHMYdl
-xak78KZKv3HXW5yrfA+dc2Y=
------END PRIVATE KEY-----
diff --git a/tests/integration/sample-config/keys/0002_key-certbot.pem b/tests/integration/sample-config/keys/0002_key-certbot.pem
deleted file mode 100644
index b3059cb47..000000000
--- a/tests/integration/sample-config/keys/0002_key-certbot.pem
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCqs9HHKIbAqslj
-8Bq+/WvI/iTtx6m6YS084aDR2Bfn1vIJcjMgZjjMmY3PL/BN1NymBF7rkVs0fm71
-FwXCzoUqICIn2QzYjChBcgzXA5RtPM3vRk49oU0Mo3rdmbj1jbrieLuVDBb6G2nH
-g6iE7qhKlK4wgYuQphF7MK1d5dgVUojnD3/pfmUfNcRu6nIxnyxumEFnGp7GGKK8
-/5EkbcGIwE+DWnlGDV1Xh9Zblk1oW3nfKZinwVX7/jhJsFMgIUhNXj358go9+8KN
-fp6kM9+yCTRKSNETW8axO2QoAONEKxVanPV3r3MqRYvQ37VVswzQbXfe0JZh7iKg
-PSm9wv3vAgMBAAECggEAattP6Wz8FaWTlgTaqU44Z8R314VSQULNr7vKETJFnLKY
-JsOfL5vt2F4TQGxQ8Ffcm+xGgw4l2tF+odv8ljrzbzBYUTt06CWsmXNMiFhMVKlo
-fG01Uy0i71Ny+T9eYhCLuXM8cYv04jHA4M0Q8831+WHjPKgLdswOS2BoVkwoHQfc
-xEo40D0sPynd+KRukhgR+5AjwMdaNOV7S8c5iuQYIaZ1Xe5AyfiQkMV4LdbobMDj
-bHzGxdeC5GRVOHnMBYrRotgSt4+bsQGeoV9yWY0WAVvnoDfRBRdWK8yRVhuJY1+D
-WB6sPJ5cOg7Ijclubo9b+EaUkddvP0aCA3FepqNwcQKBgQDR0hz9OSom2fBjLaR2
-mQe3LqnotwPCuMmXuKndGIwJz9KgelBaRNUcvDtnzSzQVZ3h9/YFJKUkoVPVCoAu
-wAF9aBeDGs+LdHerBK8fI87PXwCV0OlZLQfUw1/82dpO/dyYXVeGorrO6FE/Oxb8
-enLerMW0Ocp/MhEgM5lFRUJM1wKBgQDQRauI9QuMoBnl516pOs+7EPRvTwe4oBpO
-iH2U7ryJ/YQTgsx25sDWqQBouEnv3j83wnVh9kApkS8UXFd4ZwuizIFCMlgrxw4x
-nKDsd1TZOLUO2FNi09YWPUnzxzQBOjBeekEIDKUQCLOKttTrjRHgGld3tmVtHWtL
-W+OvNIdcqQKBgCMpqjAJr3W5Wl7UnFY/yRo62MCmQxwT6bzidp0V6woN6Qd52BN4
-q5pYNUBtExCK+J2Q94rfHEnqO2ldjCPJi7ZfhmkzSgrd5twjOdHnJ1Z7Xla9Hw4R
-zNksMN7oB3zrcFecdPmcNeBM8Ki/F1gSkUOeArf0Y2ozkskpvIruU3EbAoGBAMVz
-h7CMQKrNjj/8Hi5qZ05+QH7Wegd7IfWaSRTNUUmxY2nr81Q2aFQaXRzquo4CMgT3
-Arog76t4zR2MfhDUAKATKehMOnMmgDpgt9/3MiXOMTkltchX9PuYl2faT19qfzjS
-xpyPAF43IaA8vZejYnMIBiyka3wLDBGhyDXuovYhAoGAB/AZnOM/4SQuIdtzmBSy
-YsHpXcNgRPqvfauCus3e5I6H4wmi+nqF/jyt0oyDBDKZki67CpStwu5Eo7tcLLnY
-o+VfJ9co8jUfVxRh0NlZwomF1t/8yAm/deWoV9sX9Yj71ft/eomCifNseeeg31Kl
-wkqKc3PndJHrR40mswUOHbs=
------END PRIVATE KEY-----
diff --git a/tests/integration/sample-config/keys/0003_key-certbot.pem b/tests/integration/sample-config/keys/0003_key-certbot.pem
deleted file mode 100644
index c43af4f50..000000000
--- a/tests/integration/sample-config/keys/0003_key-certbot.pem
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC1gOrVkRQH2Mjh
-DPR7SVyuLQndbRhdkGa5SRxC9zycxR6J7+2Wj6OlZK2q9bi4pzOAFbsf37Pb3LG3
-Xm7ueA16Y9SJZc4yrN7Y0rRyuOpbjKo/IH/t8i2SCFZzeGMZCLXdVgbYpvteOJLt
-YFC7Bp5x5rgnn18+qqpC8xWbBJajuzWPky+BeJvy9JQ42LFPvl4Gx0/YIk8NIwIv
-Esh/CGuCGIuMp5zLh7ktdXvsjratepC1tUXZ8a2KZXrvc9A1Pul5a9bW5XkpMs21
-npQ4HbInHzsWc+aW5gC1xK2+O9k4nXBxyum7DFYUfz9c0CvWHXPrQt93dFwkUYD6
-HbjfF0X3AgMBAAECggEAYjEnWnjNTF10d4Qps5UBxdzpzFfb6apYWH78AiJ9MRbX
-Kaqab2ywDKdF6Qpcb9FM5EtdW6YLSLPBlUFKZEqgiAkAD4D7J6EsQkLjinkNmI+l
-/tbXPuRY0PsfwgJsIjv7H44N0CGuNdAHdNI5eqTfDSHTmOP4hA+SYvvdQWsfD94r
-m4ocr2YfL4BmEh3hujb8NjVD8csSnFlpeVibtJ1rWiv1otLaEuVmcN49n0rIj0IK
-tiCIdqqIscVZ+P3fFfr/E3oL2nhBqxRnzqoK/HNTpI4JJAbRGP51nVr0QhZYpIuj
-xDM+zeuIt0lMYOzoE+JD0612Q66mokBPHZAd5MuEwQKBgQDbdJUQfcw/9zHuWm4n
-9+wYgMN1QhfJNEr21LUjbe551YapkU389mBJJIlmjH5p67PaMRuJ1o6uRJWv40hf
-Y4xy6iViLc1FExIvRVznxMCIyCELtuvYMiCJtaekFKunziniw8yg5SwSZJY3GlXN
-cDAwIcgb9PPU5rBEip8g0DIp1wKBgQDTunF3OtEoVqdsPSmw5y1767YTCsm3dnVT
-+kwp7ZrX3TJ3Xd6EVPWUBP1HbGD3qfsIR+Ha3Vl8OiLNC4zDoZY886U4qY5Mtn4P
-JhUN0H9zYZg2l9gFf9u8RkUoPZPXXuk+eQnlGT133PrkCloDlqP47u/fQ5dV1t6F
-NghgwfOA4QKBgHI/IRMyylBKmj3h6hL4qHqhHiA/Ri7DAHu7hIlrQ4k9ths0wAr/
-IGUzlixC29S8libzBckeX60tm1ez1QuDwaxZZRjVi1V4djERxSoLbchHl5yHoAQv
-JG1Mmnd7I1n6pCefkzn31JfGscUB+sU2sH9+NrUHMqEVb5JfMDRe7p6FAoGAcYGc
-Xqz7gEKkUtSfSyVELxD4dVDtPxuUXsbqmfe1cVA2Q+Pg7NSXKxlZpzak7WEFITVY
-EXtlA8Iu8fnlJuOzpU2BH9VWYi3beseRtew2x2Zksa/JsXkQFekeHiqU3XsWU9WT
-xmw3ldCz+BjMlOvnUAbYNbsIoI4mkQecijKwFkECgYA2zafSyWCW5zAronUBQDEe
-vJumAJ77TwpYzzvH2ic6siWimdePxQ6TgdM3s1FgpdkbaXgKzS5MbZbD0Uyg3MEj
-t6ZT7GSWq39wLDJVDYJ5ClAi8mv9WNs8X8rJ0CkdiPZgHC77OwBELthGn2p9ncar
-Bwhs4S84KEJFT0LAC3YeRQ==
------END PRIVATE KEY-----
diff --git a/tests/integration/sample-config/live/a.encryption-example.com/README b/tests/integration/sample-config/live/a.encryption-example.com/README
deleted file mode 100644
index 15194ae3a..000000000
--- a/tests/integration/sample-config/live/a.encryption-example.com/README
+++ /dev/null
@@ -1,10 +0,0 @@
-This directory contains your keys and certificates.
-
-`privkey.pem`  : the private key for your certificate.
-`fullchain.pem`: the certificate file used in most server software.
-`chain.pem`    : used for OCSP stapling in Nginx >=1.3.7.
-`cert.pem`     : will break many server configurations, and should not be used
-                 without reading further documentation (see link below).
-
-We recommend not moving these files. For more information, see the Certbot
-User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates.
diff --git a/tests/integration/sample-config/live/a.encryption-example.com/cert.pem b/tests/integration/sample-config/live/a.encryption-example.com/cert.pem
deleted file mode 120000
index 79b6abdf9..000000000
--- a/tests/integration/sample-config/live/a.encryption-example.com/cert.pem
+++ /dev/null
@@ -1 +0,0 @@
-../../archive/a.encryption-example.com/cert1.pem
\ No newline at end of file
diff --git a/tests/integration/sample-config/live/a.encryption-example.com/chain.pem b/tests/integration/sample-config/live/a.encryption-example.com/chain.pem
deleted file mode 120000
index 2d6b30420..000000000
--- a/tests/integration/sample-config/live/a.encryption-example.com/chain.pem
+++ /dev/null
@@ -1 +0,0 @@
-../../archive/a.encryption-example.com/chain1.pem
\ No newline at end of file
diff --git a/tests/integration/sample-config/live/a.encryption-example.com/fullchain.pem b/tests/integration/sample-config/live/a.encryption-example.com/fullchain.pem
deleted file mode 120000
index b801ef735..000000000
--- a/tests/integration/sample-config/live/a.encryption-example.com/fullchain.pem
+++ /dev/null
@@ -1 +0,0 @@
-../../archive/a.encryption-example.com/fullchain1.pem
\ No newline at end of file
diff --git a/tests/integration/sample-config/live/a.encryption-example.com/privkey.pem b/tests/integration/sample-config/live/a.encryption-example.com/privkey.pem
deleted file mode 120000
index 74e20c5ff..000000000
--- a/tests/integration/sample-config/live/a.encryption-example.com/privkey.pem
+++ /dev/null
@@ -1 +0,0 @@
-../../archive/a.encryption-example.com/privkey1.pem
\ No newline at end of file
diff --git a/tests/integration/sample-config/live/b.encryption-example.com/README b/tests/integration/sample-config/live/b.encryption-example.com/README
deleted file mode 100644
index 15194ae3a..000000000
--- a/tests/integration/sample-config/live/b.encryption-example.com/README
+++ /dev/null
@@ -1,10 +0,0 @@
-This directory contains your keys and certificates.
-
-`privkey.pem`  : the private key for your certificate.
-`fullchain.pem`: the certificate file used in most server software.
-`chain.pem`    : used for OCSP stapling in Nginx >=1.3.7.
-`cert.pem`     : will break many server configurations, and should not be used
-                 without reading further documentation (see link below).
-
-We recommend not moving these files. For more information, see the Certbot
-User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates.
diff --git a/tests/integration/sample-config/live/b.encryption-example.com/cert.pem b/tests/integration/sample-config/live/b.encryption-example.com/cert.pem
deleted file mode 120000
index 41b06370e..000000000
--- a/tests/integration/sample-config/live/b.encryption-example.com/cert.pem
+++ /dev/null
@@ -1 +0,0 @@
-../../archive/b.encryption-example.com/cert1.pem
\ No newline at end of file
diff --git a/tests/integration/sample-config/live/b.encryption-example.com/chain.pem b/tests/integration/sample-config/live/b.encryption-example.com/chain.pem
deleted file mode 120000
index 2d3e18bec..000000000
--- a/tests/integration/sample-config/live/b.encryption-example.com/chain.pem
+++ /dev/null
@@ -1 +0,0 @@
-../../archive/b.encryption-example.com/chain1.pem
\ No newline at end of file
diff --git a/tests/integration/sample-config/live/b.encryption-example.com/fullchain.pem b/tests/integration/sample-config/live/b.encryption-example.com/fullchain.pem
deleted file mode 120000
index 3a08c1432..000000000
--- a/tests/integration/sample-config/live/b.encryption-example.com/fullchain.pem
+++ /dev/null
@@ -1 +0,0 @@
-../../archive/b.encryption-example.com/fullchain1.pem
\ No newline at end of file
diff --git a/tests/integration/sample-config/live/b.encryption-example.com/privkey.pem b/tests/integration/sample-config/live/b.encryption-example.com/privkey.pem
deleted file mode 120000
index 182aa6d78..000000000
--- a/tests/integration/sample-config/live/b.encryption-example.com/privkey.pem
+++ /dev/null
@@ -1 +0,0 @@
-../../archive/b.encryption-example.com/privkey1.pem
\ No newline at end of file
diff --git a/tests/integration/sample-config/options-ssl-apache.conf b/tests/integration/sample-config/options-ssl-apache.conf
deleted file mode 100644
index ec07a4ba3..000000000
--- a/tests/integration/sample-config/options-ssl-apache.conf
+++ /dev/null
@@ -1,22 +0,0 @@
-# Baseline setting to Include for SSL sites
-
-SSLEngine on
-
-# Intermediate configuration, tweak to your needs
-SSLProtocol             all -SSLv2 -SSLv3
-SSLCipherSuite          ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
-SSLHonorCipherOrder     on
-SSLCompression          off
-
-SSLOptions +StrictRequire
-
-# Add vhost name to log entries:
-LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined
-LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
-
-#CustomLog /var/log/apache2/access.log vhost_combined
-#LogLevel warn
-#ErrorLog /var/log/apache2/error.log
-
-# Always ensure Cookies have "Secure" set (JAH 2012/1)
-#Header edit Set-Cookie (?i)^(.*)(;\s*secure)??((\s*;)?(.*)) "$1; Secure$3$4"
diff --git a/tests/integration/sample-config/renewal/a.encryption-example.com.conf b/tests/integration/sample-config/renewal/a.encryption-example.com.conf
deleted file mode 100644
index 4455137b4..000000000
--- a/tests/integration/sample-config/renewal/a.encryption-example.com.conf
+++ /dev/null
@@ -1,15 +0,0 @@
-# renew_before_expiry = 30 days
-version = 0.10.0.dev0
-archive_dir = sample-config/archive/a.encryption-example.com
-cert = sample-config/live/a.encryption-example.com/cert.pem
-privkey = sample-config/live/a.encryption-example.com/privkey.pem
-chain = sample-config/live/a.encryption-example.com/chain.pem
-fullchain = sample-config/live/a.encryption-example.com/fullchain.pem
-
-# Options used in the renewal process
-[renewalparams]
-authenticator = apache
-installer = apache
-account = 48d6b9e8d767eccf7e4d877d6ffa81e3
-config_dir = sample-config
-server = https://acme-staging.api.letsencrypt.org/directory
diff --git a/tests/integration/sample-config/renewal/b.encryption-example.com.conf b/tests/integration/sample-config/renewal/b.encryption-example.com.conf
deleted file mode 100644
index 58d8a13d9..000000000
--- a/tests/integration/sample-config/renewal/b.encryption-example.com.conf
+++ /dev/null
@@ -1,15 +0,0 @@
-# renew_before_expiry = 30 days
-version = 0.10.0.dev0
-archive_dir = sample-config/archive/b.encryption-example.com
-cert = sample-config/live/b.encryption-example.com/cert.pem
-privkey = sample-config/live/b.encryption-example.com/privkey.pem
-chain = sample-config/live/b.encryption-example.com/chain.pem
-fullchain = sample-config/live/b.encryption-example.com/fullchain.pem
-
-# Options used in the renewal process
-[renewalparams]
-authenticator = apache
-installer = apache
-account = 48d6b9e8d767eccf7e4d877d6ffa81e3
-config_dir = sample-config
-server = https://acme-staging.api.letsencrypt.org/directory
diff --git a/tests/lock_test.py b/tests/lock_test.py
index aaa8ce2d9..2fde6a2cc 100644
--- a/tests/lock_test.py
+++ b/tests/lock_test.py
@@ -108,13 +108,16 @@ def set_up_nginx_dir(root_path):
     """
     # Get the root of the git repository
     repo_root = check_call('git rev-parse --show-toplevel'.split()).strip()
-    conf_script = os.path.join(
-        repo_root, 'certbot-nginx', 'tests', 'boulder-integration.conf.sh')
-    # Prepare self-signed certificates for Nginx
+    # We add manually nginx_config module, because certbot_integration_tests may not be installed.
+    conf_path = os.path.join(repo_root, 'certbot-ci', 'certbot_integration_tests', 'nginx_tests')
+    sys.path.append(conf_path)
+    import nginx_config  # pylint: disable=import-error
     key_path, cert_path = setup_certificate(root_path)
-    # Generate Nginx configuration
+    config = nginx_config.construct_nginx_config(root_path, os.path.join(root_path, 'webroot'),
+                                                 5002, 5001, 8082, False,
+                                                 key_path=key_path, cert_path=cert_path)
     with open(os.path.join(root_path, 'nginx.conf'), 'w') as f:
-        f.write(check_call(['/bin/sh', conf_script, root_path, key_path, cert_path]))
+        f.write(config)
 
 
 def set_up_command(config_dir, logs_dir, work_dir, nginx_dir):
@@ -185,7 +188,6 @@ def setup_certificate(workspace):
 
     return key_path, cert_path
 
-
 def test_command(command, directories):
     """Assert Certbot acquires locks in a specific order.
 
diff --git a/tests/manual-dns-auth.sh b/tests/manual-dns-auth.sh
deleted file mode 100755
index febecf455..000000000
--- a/tests/manual-dns-auth.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash
-
-# If domain begins with fail, fail the challenge by not completing it.
-if [[ "$CERTBOT_DOMAIN" != fail* ]]; then
-    curl -X POST 'http://localhost:8055/set-txt' -d \
-        "{\"host\": \"_acme-challenge.$CERTBOT_DOMAIN.\", \
-         \"value\": \"$CERTBOT_VALIDATION\"}"
-fi
diff --git a/tests/manual-dns-cleanup.sh b/tests/manual-dns-cleanup.sh
deleted file mode 100755
index 1c09e892c..000000000
--- a/tests/manual-dns-cleanup.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash
-
-# If domain begins with fail, we didn't complete the challenge so there is
-# nothing to clean up.
-if [[ "$CERTBOT_DOMAIN" != fail* ]]; then
-    curl -X POST 'http://localhost:8055/clear-txt' -d \
-        "{\"host\": \"_acme-challenge.$CERTBOT_DOMAIN.\"}"
-fi
diff --git a/tests/manual-http-auth.sh b/tests/manual-http-auth.sh
deleted file mode 100755
index 48c33f04b..000000000
--- a/tests/manual-http-auth.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-uri_path=".well-known/acme-challenge/$CERTBOT_TOKEN"
-
-# This script should be run from the top level. e.g. ./tests/manual-http-auth.sh
-source_dir="$(pwd)"
-cd $(mktemp -d)
-mkdir -p $(dirname $uri_path)
-echo $CERTBOT_VALIDATION > $uri_path
-python "$source_dir/tests/run_http_server.py" $http_01_port >/dev/null 2>&1 &
-server_pid=$!
-while ! curl "http://localhost:$http_01_port/$uri_path" >/dev/null 2>&1; do
-    sleep 1s
-done
-echo $server_pid
diff --git a/tests/manual-http-cleanup.sh b/tests/manual-http-cleanup.sh
deleted file mode 100755
index 5e437bf08..000000000
--- a/tests/manual-http-cleanup.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-kill $CERTBOT_AUTH_OUTPUT
diff --git a/tests/pebble-fetch.sh b/tests/pebble-fetch.sh
deleted file mode 100755
index 6b562eec2..000000000
--- a/tests/pebble-fetch.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/bin/bash
-# Download and run Pebble instance for integration testing
-set -xe
-
-PEBBLE_VERSION=v1.0.1
-
-# We reuse the same GOPATH-style directory than for Boulder.
-# Pebble does not need it, but it will make the installation consistent with Boulder's one.
-export GOPATH=${GOPATH:-$HOME/gopath}
-PEBBLEPATH=${PEBBLEPATH:-$GOPATH/src/github.com/letsencrypt/pebble}
-
-mkdir -p ${PEBBLEPATH}
-
-cat << UNLIKELY_EOF > "$PEBBLEPATH/docker-compose.yml"
-version: '3'
-services:
-  pebble:
-    image: letsencrypt/pebble:${PEBBLE_VERSION}
-    command: pebble -dnsserver 10.30.50.3:8053
-    environment:
-    - PEBBLE_VA_NOSLEEP=1
-    ports:
-      - 14000:14000
-    networks:
-      acmenet:
-        ipv4_address: 10.30.50.2
-  challtestsrv:
-    image: letsencrypt/pebble-challtestsrv:${PEBBLE_VERSION}
-    command: pebble-challtestsrv -defaultIPv6 "" -defaultIPv4 10.30.50.1
-    ports:
-      - 8055:8055
-    networks:
-      acmenet:
-        ipv4_address: 10.30.50.3
-networks:
-  acmenet:
-    driver: bridge
-    ipam:
-      driver: default
-      config:
-        - subnet: 10.30.50.0/24
-UNLIKELY_EOF
-
-docker-compose -f "$PEBBLEPATH/docker-compose.yml" up -d pebble
-
-set +x  # reduce verbosity while waiting for boulder
-for n in `seq 1 150` ; do
-  if curl -k https://localhost:14000/dir 2>/dev/null; then
-    break
-  else
-    sleep 1
-  fi
-done
-
-if ! curl -k https://localhost:14000/dir 2>/dev/null; then
-  echo "timed out waiting for pebble to start"
-  exit 1
-fi
diff --git a/tests/run_http_server.py b/tests/run_http_server.py
deleted file mode 100644
index 0e4f8ac79..000000000
--- a/tests/run_http_server.py
+++ /dev/null
@@ -1,11 +0,0 @@
-import runpy
-import sys
-
-# Run Python's built-in HTTP server
-# Usage: python ./tests/run_http_server.py port_num
-# NOTE: This script should be compatible with 2.7, 3.4+
-
-# sys.argv (port number) is passed as-is to the HTTP server module
-runpy.run_module(
-    'http.server' if sys.version_info[0] == 3 else 'SimpleHTTPServer',
-    run_name='__main__')
diff --git a/tests/tox-boulder-integration.sh b/tests/tox-boulder-integration.sh
deleted file mode 100755
index 8c8a967fd..000000000
--- a/tests/tox-boulder-integration.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash -e
-# A simple wrapper around tests/boulder-integration.sh that activates the tox
-# virtual environment defined by the environment variable TOXENV before running
-# integration tests.
-
-if [ -z "${TOXENV+x}" ]; then
-    echo "The environment variable TOXENV must be set to use this script!" >&2
-    exit 1
-fi
-
-source .tox/$TOXENV/bin/activate
-tests/boulder-integration.sh
diff --git a/tools/_venv_common.py b/tools/_venv_common.py
index cb19d583c..1594fd05f 100644
--- a/tools/_venv_common.py
+++ b/tools/_venv_common.py
@@ -42,6 +42,7 @@ REQUIREMENTS = [
     '-e certbot-postfix',
     '-e letshelp-certbot',
     '-e certbot-compatibility-test',
+    '-e certbot-ci',
 ]
 
 VERSION_PATTERN = re.compile(r'^(\d+)\.(\d+).*$')
diff --git a/tox.ini b/tox.ini
index 1087a1969..3709b24b1 100644
--- a/tox.ini
+++ b/tox.ini
@@ -117,11 +117,6 @@ commands =
 setenv =
     {[testenv:py27-oldest]setenv}
 
-[testenv:py27_install]
-basepython = python2.7
-commands =
-    {[base]install_packages}
-
 [testenv:py27-cover]
 basepython = python2.7
 commands =
@@ -160,7 +155,7 @@ passenv =
 
 [testenv:apacheconftest-with-pebble]
 commands =
-    {toxinidir}/tests/pebble-fetch.sh
+    {toxinidir}/certbot-apache/certbot_apache/tests/apache-conf-files/pebble-fetch-start.sh
     {[testenv:apacheconftest]commands}
 passenv =
     HOME
@@ -259,7 +254,7 @@ commands =
         --cov=acme --cov=certbot --cov=certbot_nginx --cov-report= \
         --cov-config={toxinidir}/certbot-ci/certbot_integration_tests/.coveragerc \
         -W 'ignore:Unverified HTTPS request'
-    coverage report --include 'certbot/*' --show-missing --fail-under=64
+    coverage report --include 'certbot/*' --show-missing --fail-under=67
     coverage report --include 'certbot-nginx/*' --show-missing --fail-under=74
 passenv =
     DOCKER_*