Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Can you provide a link to a Tutorial / Quick start guide to help us update to the newer renewal methods before the end of life deadline is reached?
I think this is what is used to renew via a crontab job (copy and pasted from the online tutorial):
To run the renewal check daily, we will use cron ,
a standard system service for running periodic jobs. We tell cron what to do by opening and
editing a file called a crontab.
·
sudo crontab -e
Your text editor will open the default crontab which is a text file with some help text in it. Paste in the following
line at the end of the file, then save and close it:
crontab
. . .
15 3 * * * /usr/bin/certbot renew --quiet
The 15 3 * * * part
of this line means “run the following command at 3:15 am, every day”. You may choose any time.
The renew command
for Certbot will check all certificates installed on the system and update any that are set to expire in less than thirty days. --quiet tells
Certbot not to output information or wait for user input.
cron will now run this command
daily. All installed certificates will be automatically renewed and reloaded when they have thirty days or less before they expire.
I’m just a classroom teacher, so I apologize my server admin skills are not as high as others!
Since the systemctl timer is calling the certbot renewal, can you tell me where I need to make the changes in order to migrate to the newer renewal system before the TLS-SNI-01 validation end-of-life deadline?