Hook after initially obtaining certificate

There is a deploy renewal-hook which runs after renewal (my scripts are in /etc/letsencrypt/renewal-hooks/deploy/). But it doesn’t run when initially obtaining the certificate via certonly --standalone.

Is there an equivalent hook that runs after the initial new-cert process?

My reason: some apps, e.g. portainer, need access to the non-symlinked files, so I want to run a script after obtaining/renewing certs, to make a static non-symlinked copy of the latest certs for those apps to access. I can get this to work for renewed certs, but not for new certs.

1 Like

If you specify the --deploy-hook command line option when creating the certificate, it will run then, and when renewing it later. (The command will be saved in the /etc/letsencrypt/renewal/ configuration file.) E.g.:

sudo certbot certonly --standalone --deploy-hook /path/to/script.sh -d example.com

1 Like


I added it to the cli.ini and it works. Not properly documented though.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.