21 Nov 2022 AWS Cloud Open Source

Auto-Renew Let’s Encrypt Certs on Linux with Cron

👁14views

Automatically renewing Let's Encrypt certificates on Linux requires creating a bash renewal script and scheduling it with cron. Create a script calling `certbot renew`, then add a crontab entry running it twice daily, which is Let's Encrypt's recommended frequency. Certbot only renews certificates expiring within 30 days, making frequent checks safe and reliable.

CloudScale AI SEO - Article Summary
  • 1.
    What it is
    This article explains how to set up automatic SSL certificate renewal for WordPress sites using Let's Encrypt by creating a bash script and scheduling it with cron.
  • 2.
    Why it matters
    Manual certificate renewal every 90 days is tedious and risky - forgetting to renew causes your website to show security warnings and lose visitor trust.
  • 3.
    Key takeaway
    Use a cron job to automatically run the Let's Encrypt renewal command so your SSL certificates stay current without manual intervention.
Related Articles

If you want to automatically renew your certs then the easiest way is to setup a cron just to call letsencrypt periodically. Below is an example cron job:

First create the bash script to renew the certificate

Powered by CloudScale 
$ pwd
/home/bitnami
$ sudo nano renew-certificate.sh

Now enter the script in the following format into nano:

Powered by CloudScale 
#!/bin/bash

sudo /opt/bitnami/ctlscript.sh stop apache
sudo /opt/bitnami/letsencrypt/lego --path /opt/bitnami/letsencrypt --email="[email protected]" --http --http-timeout 30 --http.webroot /opt/bitnami/apps/letsencrypt --domains=andrewbaker.ninja renew --days 90
sudo /opt/bitnami/ctlscript.sh start apache

Now edit the crontab to run the renew script:

Powered by CloudScale 
$ crontab -e
0 0 * * * sudo /home/bitnami/renew-certificate.sh 2> /dev/null
You Might Also Like