How often should I run the cerbot cron job to update the certificates?

Bill_Hendricks · August 11, 2016, 12:43pm

Perhaps this is a stupid question, but I wondering how often my cron job should for:

./path/to/certbot-auto renew --quiet --no-self-upgrade

Should it be every 89 days since the certs expire every 90 days? Or is it OK to run it daily and it will just check if they need renewing?

What is the best way to set the cronjob to make it least likely that my certifications will expire before renewal?

I followed all the instructions here and unless I’m missing something, it’s just not clear how often the cron job should run.

Thanks.

cpu · August 11, 2016, 1:23pm

Of course not!

The latest certbot renewal docs say:

Let’s Encrypt CA issues short-lived certificates (90 days). Make sure you renew the certificates at least once in 3 months.

In practice I think many folks set their cron job to run as frequently as once a day or week. Make sure once every 3 months is your lower bound.

When the renew command is used Certbot will attempt to renew any previously-obtained certificates that expire in less than 30 days. If your certificates don't expire for more than 30 days nothing will be done so it is totally OK to run daily

Bill_Hendricks · August 11, 2016, 1:43pm

Great. Thank you very much.

cpu · August 11, 2016, 1:46pm

No problem. Have a good day @Bill_Hendricks

system · September 10, 2016, 1:46pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cron job to run every 90 days vs. 3 months? Server	8	17570	February 28, 2018
Cron job not seem to be renewing my SSL Server	17	6112	September 17, 2017
Better 95 days expiration Feature Requests	5	1439	September 10, 2017
Why is certbot attmepting renewal daily? Help	6	6862	August 10, 2017
Certbot renewing automatically Server	3	2199	August 1, 2018

How often should I run the cerbot cron job to update the certificates?

Related topics