Need Help to fix my script to renew certificate

Lastly...
Please show:

  • the menu choices shown when you need to "press 2"

[again you can hide domain - the exact name is not relevant]

1 Like

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator standalone, Installer None

Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.

(ref: /etc/letsencrypt/renewal/mydomain.com.conf)

What would you like to do?


1: Keep the existing certificate for now

2: Renew & replace the cert (may be subject to CA rate limits)


Select the appropriate number [1-2] then [enter] (press 'c' to cancel):

1 Like

Why would you need to press #2?

I think you fail to understand how certbot keeps the cert up-to-date for you (automatically).
It checks twice a day to see if the cert is below the set expiry days (30 days is default).
And ONLY when 30 or less days are left on the cert, will it actually need to renew and will attempt to do so [using all the settings saved in the renewal config file - which match your last issuance - no need to repeat all that info]

2 Likes

now i understand the certificate renewal process .

2 Likes

So the only peice missing (from the default certbot setup) is the file copy and email to yourself.
These lines can be saved in a bash script and can be called via:
--deploy-hook /path/to/my/special/script.sh

But you only need to use that parameter ONCE.
Cerbot will remember it and save it in the renewal config file (for the next renewal).

2 Likes

So there will be a one-time renewal with:
certbot renew --cert-name mydomain.com --deploy-hook /path/to/my/special/script.sh
[this is the part where you TEACH certbot how you want things done your way]

And then the actual cron job would be just:
certbot renew

Which should already be installed via cron - check:
crontab -l
crontab -u root -l

And will run twice a day - and do nothing for 60 days - then it will renew and deploy your cert (and email you too).

1 Like

I hope I did not take up too much of your time with my LECTURE - LOL

Cheers from Miami :beers:

1 Like

no no i really enjoyed thank you so much i was not expecting such response

2 Likes

I'm glad you've liked the response you've gotten. You're in great hands. :blush:

2 Likes

yeah i take my cap off you are the man :blush:

2 Likes