Renewal Cronjob without configs and scripts

Hi folks,

I see that many people use bash scripts for their renewal. Isn’t it good enough just simple place a monthly crontab which looks like:

15 4 20 * * /etc/init.d/apache2 stop && /opt/letsencrypt/letsencrypt-auto certonly --rsa-key-size 4096 --text --renew-by-default --agree-tos -d domain.com -d www.domain.com && /etc/init.d/apache2 start >> /var/log/le-renew.log

?

Actually, you could put something like this in:
15 4 * * * sudo /home/xxxxx/.local/share/letsencrypt/bin/letsencrypt renew

And run it every day. It’ll only renew when it’s time to renew. Yours will likely end up creating a new certificate that you have to manually implement in your Apache config.

Well, I won’t use the automatically configuration. The Apache Config is still done and the certificate names won’t change. So, I guess it isn’t a wrong command which I use - isn’t it?