Jump to content

Let's Encrypt auto renew


brent

Recommended Posts

Letsencrypt Auto Renew Testing:

Though this part is optional but I recommand you to test your auto-renew cron script for errors. It will be a disaster if your Letsencrypt Certificate does not renew before expire due to some error. 

Basic Testing using --dry-run:

For error checking we’ll  perform certbot renew --dry-run or path/location/certbot-auto renew --dry-run ——- a process in which the auto-renew script will be executed without actually renewing the certificates.

Execute the following lines on your Linux terminal,

sudo -i 
certbot renew --dry-run && apache-restart-command

testing using --force-renew

In this advance testing section we’ll  simulate the letsencrypt  auto certificate renewal process by using –force-renew command. As you already know that the certbot renew command only take action if your certificate has less than 30 days. But if we use it with “–force-renew” command then your certificate get renewed immediately. Remember that, you only can renew 5 certificates per week for a particular domain or subdomain.

Note the date of your current certificate

To view the current expire date of your let’s encrypt certificate, execute the following command on your terminal.

sudo openssl x509 -noout -dates -in /etc/letsencrypt/live/your-domain-name/fullchain.pem

 

Check if renewal was successful

Now, Lets again check the let’s encrypt certificate’s expire date,

sudo openssl x509 -noout -dates -in /etc/letsencrypt/live/your-domain-name/fullchain.pem

 

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...