Disable auto renew for a specific domain

GiulioEu · May 14, 2019, 8:15pm

Hi, I use certbot on my webserver to obtain SSL certificates for my websites.
There are some domains though that usually do not point to the public IP but to internal IP and I change the DNS record when the certificates are going to expire, unfortunately my DNS provider do not support the DNS plugin.

I’d like to disable the auto renew only for those domains, letting it enables for the others domains.

I tryed to add “autorenew = False” to the “[renewalparams]” section in /etc/letsencrypt/renewal/domain.conf but when I run “certbot renew” nothing seems to change: the program try to renew the certificate failing the challenge.

I don’t want to remove the conf file because when I’ll change the DNS records and update manually that certificate, the file will be created again.

Thanks for your help,
Giulio

_az · May 14, 2019, 8:34pm

One strategy could be to set those certificates to:

[renewalparams]
renew_before_expiry = 1 day

This defaults to 30, meaning start renewing 30 days before the certificate expires.

Presumably you would have renewed them by the time expiry-1 day rolls around.

GiulioEu · May 14, 2019, 9:06pm

Thanks, that’s a good suggestion! Basing on your comment, I tryed to put a negative date and it worked fine!

system · June 13, 2019, 9:12pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to disable auto renew (for all domains) Help	2	516	May 1, 2024
How to disable auto renew for a domain? Help	7	10701	April 19, 2018
How to ignore few domains to get renewed while using ./certbot-auto renew --all Help	15	6735	December 21, 2018
How to prevent renewal for certain domains Server	3	725	April 26, 2019
Auto-renew certbot certificate with plug dns-route53 Help	14	1703	January 18, 2024

Disable auto renew for a specific domain

Related topics