Noob: Checking if certbot is working

Help
1

How do I know if certbot is running and all is well. When will it renew itself? I know it's running snap.certbot.renew.service twice a day, based on systemctl list-timers.

I tried to install it, and ran some of those commands, until it became clear that it was already there. I just want to check if I broke anything. Thanks!

My domain is: app.blackbirdcode.com

I ran this command: What to run?

It produced this output: What to check?

My web server is (include version): Apache 2.4.29

The operating system my web server runs on is (include version): Linux 18.04.4

My hosting provider, if applicable, is: AWS?

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 2.5.0

1 Like
2

Welcome to the community @NessBird

Reviewing the list-timers like you did was good.

You can also review the logs in /var/log/letsencrypt/ to review the run history

You can do this to check if the renew will succeed. The --dry-run will not modify your existing certs

sudo certbot renew --dry-run

(omit sudo if you don't need it)

Although, it looks like you are due for renewal soon so you could just wait and check your cert in a couple days to see that it renewed.

sudo certbot certificates

Or, check the public logs with something like https://crt.sh or Let's Debug cert search (link here)

These are all helpful tools to check stuff. Cheers

6 Likes
3

Thank you! OK, I did the dry run, and it reported success, yay! :slight_smile:
Question: How do you know when it's due for renewal?

1 Like
4

Certbot, by default, renews with 30 days remaining
https://eff-certbot.readthedocs.io/en/stable/using.html#renewing-certificates

4 Likes
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.