I’m running a server with VespaCP (so apache/nginx) and I created some certificates with letsencrypt standalone. at the time, I had to shut down the server so that letsencrypt could run on the ports needed. Now I’m trying to renew the certificates with certbot. And when I try “certbot renew --dry-run”, I’m getting the error that it can’t access the ports. I want to run certbot renew --quiet in a cron job but I don’t want to have to shutdown the websites every time I do. Is there a way to run the renew without opening up the ports by shutting down the webserver?
standalone inherently requires that you shut down the server because it runs its own substitute server. Would you be able to use
webroot instead, or use a different server that supports the DNS challenge method?
Here is a vestacp plugin for you: