Does SSL file content changes when renewal happens

Hi,

Does these file content changes when renewal happens with cloudflare.ini at Server A? :thinking:

image

I am asking because I wish to use same cert at Server A (where I generated) and Server B. So I wonder, if I need to update manually uploaded file at Server B every 3 months or so.

Thank you very much.

1 Like

The cert.pem, fullchain.pem, and privkey.pem change every time the Certificate is renewed.

If you have Linux, you can setup lsync on Server A to sync the changes to Server B.

3 Likes

Certbot also has the concept of “deploy hooks”, which provide a place to programmatically do things when a certificate is renewed (like copying the updated private key and certificate to a remote server and then reloading its webserver).

There is an example of a deploy hook in the documentation: https://certbot.eff.org/docs/using.html#renewing-certificates

2 Likes

Very interesting read. You’d still have to write the code to push the files out to the other server (like an rsync or scp command). It would just be set inside the script to run with the cron job command. Lsync pushes changes to specified directories real time without a cron job. All you have to do is specify the directories & the server(s) to sync the changes to.

2 Likes

Thanks for the information.
I do not control Server B completely. I only have visual option to upload SSL. In this case, I will look for alternative solution like one-click to SSL which is offered by them.