`certbot renew` overwriting renewal file


I’m trying to setup a custom deploy hook in one of my renewal configuration files, like this:

deploy_hook = /some/script.sh

However, as soon as I run certbot renew --cert-name <cert_name> --force-renewal to test it, the configuration file seems to be overwritten and the configuration line is lost. The certificate is renewed, but the deploy hook isn’t run.

How do I specify a per-certificate deploy hook in my configuration?

This is with certbot 0.31.0 (from Debian package 0.31.0-1 on Debian 10.3).

1 Like

the syntax is a bit different:

renew_hook = systemctl reload lighttpd # or whatever command you want.
1 Like

It’s renew_hook with an underscore in /etc/letsencrypt/renewal/.

/etc/letsencrypt/cli.ini would use hyphens (and likely deploy-hook).


Hmm… I see. It would be nice if certbot warned about the unrecognized config entry, instead of silently removing it, though :-/

Edit: I can’t check this works fully for now, since I’ve hit rate limits on this certificate.

1 Like

this is… not well documented. :smiley:

1 Like

Ok, it seems to work finally!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.