I think you are overcomplicating the process.
A cron job that runs immediately after renewal attempts would reload/restart the httpd service way too often.
Certs last 90 days.
They only need to be renewed after 60 days [default].
The renewal process runs and first checks to see if any certs need to be renewed.
Most of the time, there is nothing to renew.
Either:
- use a deploy-hook to reload/restart the httpd service [which is only triggered when a cert is actually renewed]
- schedule the reload/restart without any regard to the cert state [like once a week (every week) during off hours]
The cert should renew 30 days ahead of expiry - that should cover four reloads/restarts.
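
An added example, not part of the original post: a sketch of the deploy-hook option as a script certbot would run from `/etc/letsencrypt/renewal-hooks/deploy/`. It validates the httpd configuration before reloading, so a broken config does not take the running server down at renewal time. The script name `reload-httpd.sh`, the function name, and the default `apachectl configtest` and `systemctl reload httpd` commands are assumptions; adjust them for your distribution.

```shell
#!/bin/sh
# Added example (hypothetical file name: reload-httpd.sh), not code from the post.
# certbot runs deploy hooks only after a certificate was actually renewed and
# exports RENEWED_LINEAGE (the live/<name> directory) to the hook.

# Commands are overridable; the defaults below are assumptions for an httpd host.
CONFIGTEST_CMD="${CONFIGTEST_CMD:-apachectl configtest}"
RELOAD_CMD="${RELOAD_CMD:-systemctl reload httpd}"

# Returns 0 after a successful reload, 1 if the config test or the reload
# fails, 2 if there is no renewed lineage to deploy.
reload_after_renewal() {
    lineage="$1"

    # Refuse to act unless the renewed chain and key are really there.
    if [ -z "$lineage" ] || [ ! -s "$lineage/fullchain.pem" ] \
        || [ ! -s "$lineage/privkey.pem" ]; then
        echo "deploy hook: no renewed lineage at '$lineage', not reloading" >&2
        return 2
    fi

    # Check the configuration first; on failure leave the running server alone.
    if ! $CONFIGTEST_CMD >/dev/null 2>&1; then
        echo "deploy hook: config test failed, httpd left untouched" >&2
        return 1
    fi

    $RELOAD_CMD || return 1
    echo "deploy hook: reloaded httpd for $lineage"
}

# Only act when certbot invoked the script as a deploy hook.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    reload_after_renewal "$RENEWED_LINEAGE"
fi
```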