How often should I run the cerbot cron job to update the certificates?


#1

Perhaps this is a stupid question, but I wondering how often my cron job should for:

./path/to/certbot-auto renew --quiet --no-self-upgrade

Should it be every 89 days since the certs expire every 90 days? Or is it OK to run it daily and it will just check if they need renewing?

What is the best way to set the cronjob to make it least likely that my certifications will expire before renewal?

I followed all the instructions here and unless I’m missing something, it’s just not clear how often the cron job should run.

Thanks.


#2

Of course not!

The latest certbot renewal docs say:

Let’s Encrypt CA issues short-lived certificates (90 days). Make sure you renew the certificates at least once in 3 months.

In practice I think many folks set their cron job to run as frequently as once a day or week. Make sure once every 3 months is your lower bound.

When the renew command is used Certbot will attempt to renew any previously-obtained certificates that expire in less than 30 days. If your certificates don’t expire for more than 30 days nothing will be done so it is totally OK to run daily :slight_smile:


#3

Great. Thank you very much.


#4

No problem. Have a good day @Bill_Hendricks


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.