Certbot-auto renewal didn't work in root crontab (works manually)


#1

About 2-3 months ago, following some official instructions, I set up crontab to execute the following command once each day (at a random time):

# *** root crontab ***
# 7:17 am daily
17 7 * * * /mnt/sdb/downloads/certbot-auto renew --quiet --no-self-upgrade

Today I discovered that although crontab is executing the command daily, it didn’t actually renew my certificate. Hence my current certificate expired a couple of days ago and had since been in an expired state.

But when I logged in as root and executed the command as follows (without --quiet), the certificate renewed immediately and my website was now serving the new certificate.

/mnt/sdb/downloads/certbot-auto renew --no-self-upgrade

I saw some others hinting that cron’s environment is different from the one I see when I execute manually. Or that I have to use a wrapper script around the command, or that I have to cd to the directory containing the executable (but I didn’t really need to do that when I executed it manually).

If I add root in front of the command (after * * *) will that fix the problem? If not, how do I fix it so that I don’t have to manually renew the certificate every 3 months?

My server is Ubuntu 14.04.4 LTS (GNU/Linux 3.13.0-88-generic x86_64)


#2

Hi @ADTC,

There might be a clear reason for this that other people could think of, but in any case, do you have any log files from /var/log/letsencypt that might show what happened when the command is run from cron?


#3

Ping! (I hate the 1 month close… could you guys consider making it at least 1 year? 1 month is too short!)

I will get back to you with the log. I’ve been very busy.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.