Firstly I would like to commend all the developer and supporter of this project well done guys!
Back to my concern, I already got my certificate for my domains, but I’m having problem with the process of renewal.
I am using standalone authentication which will be needing to take down my running web server which is in my case is NGINX, that will cause server downtime for my websites…
Webroot authentication is the solution for no downtime renewal of letsencrypt but in my nginx configuration I haven’t place my web root in my server. I’m using proxy pass wherein the web files is coming from other server.
/var/www/html/letsencrypt is the path I pass to the client with --webroot-path /var/www/html/letsencrypt. The client then creates the challenge files in that folder automatically.
Crontab works for me, my script looks like this:
#!/bin/bash
cd /root/letsencrypt
letsencrypt-auto certonly -a webroot --webroot-path /var/www/html/letsencrypt \
-d example.com -d www.example.com
--server https://acme-v01.api.letsencrypt.org/directory \
--agree-tos --renew-by-default
service nginx reload