...to install an auto-renewal script, but in this tutorial the renewal timer is 90 days, not the suggested 60 days. Can I just edit my renew-certificate.sh script to 60 days, or will this cause problems just 5 days away from my 90 day renewal?
Yes I have that line in the cron job. But now if I edit the renew-certificate to 60 days will I just cock up my auto renewal in 5 days time as it is now 85 days past (60 days was 25 days ago) and I'll have 90 day expired certs?
Oh I see, so it's not like a timer, it checks periodically when the certs were created and then checks if 60 or 90 days has passed, if so renews them? So I can literally just edit the renew-certificate.sh and it will go for it?
I agree. If the script or the ACME client doesn't have a random wait period for automatic renewals, it should be added to the cronjob entry.
Twice a day is what is used by certbots timers. The frequency of the cronjob is not the problem: its when on the day it renews (if it renews) which is the problem: if everybody does that on the exact hour (i.e.: xx:00), then the servers of Let's encrypt will see spikes on EVERY exact hour (due to timezones around the world), but not on the other 59 minutes of that hour..