21 Nov 2022 Open Source Public Cloud

Auto-Renew Let’s Encrypt Certs on Linux with Cron

👁15views

Automatically renewing Let's Encrypt certificates on Linux requires creating a bash renewal script and scheduling it with cron. Create a script calling `certbot renew`, then add a crontab entry running it twice daily, which is Let's Encrypt's recommended frequency. Certbot only renews certificates expiring within 30 days, making frequent checks safe and reliable.

CloudScale AI SEO - Article Summary
  • 1.
    What it is
    This article explains how to set up automatic SSL certificate renewal for WordPress sites using Let's Encrypt by creating a bash script and scheduling it with cron.
  • 2.
    Why it matters
    Manual certificate renewal every 90 days is tedious and risky - forgetting to renew causes your website to show security warnings and lose visitor trust.
  • 3.
    Key takeaway
    Use a cron job to automatically run the Let's Encrypt renewal command so your SSL certificates stay current without manual intervention.
~1 min read
Related Articles

If you want to automatically renew your certs then the easiest way is to setup a cron just to call letsencrypt periodically. Below is an example cron job:

First create the bash script to renew the certificate

Powered by CloudScale 
$ pwd
/home/bitnami
$ sudo nano renew-certificate.sh

Now enter the script in the following format into nano:

Powered by CloudScale 
#!/bin/bash

sudo /opt/bitnami/ctlscript.sh stop apache
sudo /opt/bitnami/letsencrypt/lego --path /opt/bitnami/letsencrypt --email="[email protected]" --http --http-timeout 30 --http.webroot /opt/bitnami/apps/letsencrypt --domains=andrewbaker.ninja renew --days 90
sudo /opt/bitnami/ctlscript.sh start apache

Now edit the crontab to run the renew script:

Powered by CloudScale 
$ crontab -e
0 0 * * * sudo /home/bitnami/renew-certificate.sh 2> /dev/null
You Might Also Like