Deploy-hood did not execute

Renewing certs works fine but the deploy hook doesn't want to execute. There's nothing in the logs. Should
I place script in /renewal-hooks/deploy/ and remove the hook from cronjob?

crontab job:
certbot renew --deploy-hook /root/

The deploy-hook only runs when a new cert is issued. Was one?

Do the permissions for the hook script allow it to run as same user as certbot is?


New certs were issued.
Honestly I don't now how to give a specific user permission to run. Script is owned by root. Now I gave permission to run by all others and moved it out of /root. Maybe this will help?

Depending how you installed Certbot, it's possible that there was a different cronjob that executed first, without the --deploy-hook flag.

For example, if you installed Certbot via snap or apt, there is a preinstalled cronjob that may run before yours.

For this reason, it is better to:

  • use the /etc/letsencrypt/renewal-hooks/ directory, or
  • set the --deploy-hook while issuing the certificate, or
  • by setting deploy-hook in /etc/letsencrypt/cli.ini, or
  • setting renew_hook in the certificate-specific renewal parameters file in /etc/letsencrypt/renewal/*.conf file

If there was a permissions issue, there would most likely be something in the Certbot log file about it.


I moved the script to /etc/letsencrypt/renewal-hooks/deploy. We'll see in a month or so if that works.

You'll probably want to move it to /etc/letsencrypt/renewal-hooks/deploy/.


Note that the script needs to be executable. See man chmod about how to change that.


Yes I did. I just missed it in my previous post.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.