Certificate Renewal


My domain is: ariadne.tech

I ran this to renew:
certbot-auto renew --pre-hook “service nginx stop” --post-hook “service nginx start”

The following command verifies that the certificate was updated:
sudo openssl x509 -enddate -noout -in /etc/letsencrypt/live/ariadne.tech/fullchain.pem
notAfter=Apr 11 08:55:00 2017 GMT

My question is: is this valid and do I have to do more for the expiry bot mails to cease? https://crt.sh/ does not reflect the update so is there something more I should do or doesn’t it matter?

I realise there are similar topics but I am unsure if what I have done is correct.



Yes, you have done everything you need to.

I’d suggest adding the command as a cron, so that it runs regularly, and updates the certificate automatically for you.


Thanks for the reply. I did setup a cron job but it wasn’t running as I missed out the pre and post hooks. Does http://crt.sh/ get updated eventually or this information now irrelevant?



crt.sh will get updates ( there is often about a days lag there).

Google transparency report usually updates more quickly.


Thanks for the explanation.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.