The operating system my web server runs on is (include version):
OSX
I can login to a root shell on my machine (yes or no, or I don’t know):
YES
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
NO
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
acme script
Script runs fine and renews (when running under root and executed manually) am very comforatable creating cron jobs, my issue is if i have the script to run everyday is there a limitation for ENQUIRING / renewing the certificate (3 months?) or do i have to have the cron script run more in line with the renewal date 2.5 months from the last only one or so calls per 3 months. I havnt created the cron job however just want to make sure i dont hit any limitation on asking everday “renew me?” Also is this why people use certbot as it has more checks an balances than the basic acme script ?
What you’d really want to do is put the remaining commands (the ones after acme.sh) into a post-renew script. Then issue the cert with acme.sh --issue -d DOMAIN --standalone --httpport 8081 --reloadcmd /path/to/script. Once that issues, set a daily cron job of /path/to/acme.sh --cron.
After further consideration, the way to go would be .acme.sh/acme.sh --issue -d DOMAIN --standalone --httpport 8081 --key-file /usr/local/kerio/mailserver/sslcert/server2.key --cert-file /usr/local/kerio/mailserver/sslcert/server2.crt --reloadcmd /usr/local/kerio/mailserver/keriomailserver restart (assuming there’s a “restart” command for keriomailserver, “reload” would be even better). Then your cron job (after whatever delay you implement) would still be what I suggested earlier: acme.sh --cron.
Consider whether you’d need to use --fullchain-file rather than --cert-file; that’s going to depend on the requirements of your server software.