Certbot renew as standalone with server running


#1

Hi,
I’m running a server with VestaCP (so Apache/nginx) and I created some certificates with letsencrypt standalone. At the time, I had to shut down the server so that letsencrypt could run on the ports needed. Now I’m trying to renew the certificates with certbot, and when I try “certbot renew --dry-run”, I’m getting the error that it can’t access the ports. I want to run certbot renew --quiet in a cron job, but I don’t want to have to shut down the websites every time I do. Is there a way to run the renew without opening up the ports by shutting down the webserver?


#2

Hi @skyallen, standalone inherently requires that you shut down the server because it runs its own substitute server. Would you be able to use webroot instead, or use a different server that supports the DNS challenge method?
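
An added example, not part of the thread: Certbot records the plugin used for each certificate under `[renewalparams]` in its renewal configuration files (by default `/etc/letsencrypt/renewal/*.conf`), so this script lists which certificates still renew via standalone and will fail while the web server holds the port. The sample configurations, domain names and paths in it are constructed placeholders.

```python
import re
from pathlib import Path

# Matches both "[renewalparams]" and nested "[[webroot_map]]" headers.
SECTION = re.compile(r"^\[+\s*([^\]]+?)\s*\]+$")

# Constructed sample renewal configs (domains and paths are placeholders).
SAMPLE = {
    "example.com": """\
cert = /etc/letsencrypt/live/example.com/cert.pem
[renewalparams]
authenticator = standalone
""",
    "example.org": """\
cert = /etc/letsencrypt/live/example.org/cert.pem
[renewalparams]
authenticator = webroot
[[webroot_map]]
example.org = /var/www/example.org
""",
}

def renewal_params(text):
    """Return the key/value pairs found directly in [renewalparams]."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        header = SECTION.match(line)
        if header:
            section = header.group(1)
        elif section == "renewalparams" and "=" in line:
            key, _, value = line.partition("=")
            params[key.strip()] = value.strip()
    return params

def audit(configs):
    """Return {lineage: (authenticator, needs_free_port)}."""
    result = {}
    for name, text in configs.items():
        auth = renewal_params(text).get("authenticator", "unknown")
        result[name] = (auth, auth == "standalone")
    return result

def load_dir(path="/etc/letsencrypt/renewal"):
    """Read every renewal config in the directory, keyed by lineage name."""
    return {p.stem: p.read_text() for p in Path(path).glob("*.conf")}

if __name__ == "__main__":
    for name, (auth, blocked) in sorted(audit(load_dir() or SAMPLE).items()):
        print(f"{name}: {auth}" + (" (needs the port free to renew)" if blocked else ""))
```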


#3

Here is a VestaCP plugin for you: