Cert expiry during vacation


stupid question for you maybe…

My certificates will expire a few days before I will be back home. But I’m on vacation for over 4 weeks, so I think I’m not able to renew the certs prior to my vacation start or?

What is the earliest time I can renew certs?

How would you handle this?

Many thanks for your tips!

Generally speaking, renewal should be automated. You didn’t mention any details about your environment, but with certbot, the recommendation is to run certbot renew in a daily cronjob - certbot is capable of figuring out the right time to actually renew. See this page for relevant documentation. If you’ve installed certbot from a distribution package (i.e. Debian), this cronjob has been set up for you automatically.

If you’d like to have some piece of mind, you can force the renewal today by running the command with --force-renewal today. That’ll give you a new certificate that’s valid for 90 days. There’s nothing prohibiting early renewal, other than the general rate limits, which are unlikely to affect you if you haven’t issued any certificates for your domain in the last 7 days.

Thank you @pfg!

I use my iMac to request/renew the certs locally.

This is my current command I run to renew my certs…

./certbot-auto certonly --debug --force-renew -a manual -d mydomain -d myotherdomains

My web host is not supporting Let’s Encrypt out of the box, so I have to do it on my own.

So you basically saying I can simply use my command like above just prior leaving for my vacation.

Up to now I thought that I need to wait until I receive the expiry bot messages.


Yes, that should work. The expiry emails are just a notification, renewal works independent of that. From a technical perspective, renewal is just yet another certificate issuance, it’s more of a UX thing to call it renewal.

(Naturally, you’ll also need to upload your new private key and certificate to your web host.)

Yes, that is exactly what I do after the certs have been generated.

Excellent you saved my vacation! :smile:

Thanks a million!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.