cron jobs to run certbot should be run twice daily.
Presuming cerbot has been set properly/default.
If you are doing very strange things while executing certbot then you should know when those can/should happen.
Let's Encrypt / certbot recommends running certbot renew twice daily. It wouldn't do anything if renewal wasn't necessary, but if the cert is within 30 days of expiry, it'll renew.
1 Like
0 0,12 * * * /usr/local/bin/certbot renew <=== like so? I have it set as @weekly for some reason
and i had @weekly renew_certificates <=== that was probably set by a certbot
That's only one third of the where you can do strange stuff with certbot.
But the right side does look perfect:
"certbot renew"
[nothing strange going on there]
The other places are in the cli.ini (uncommon but possible)
And in the renewal.conf files (more common)
grep -i hook /etc/letsencrypt/renewal/*.conf
Well as long as it works - I will check the /etc/letsencrypt/renewal/*.conf
It's different in FreeBSD. grep. no match /usr/local/etc/letsencrypt
renew_before_expiry = 30 days
version = 1.18.0
archive_dir = /usr/local/etc/letsencrypt/archive/vadim.com.ru
cert = /usr/local/etc/letsencrypt/live/vadim.com.ru/cert.pem
privkey = /usr/local/etc/letsencrypt/live/vadim.com.ru/privkey.pem
chain = /usr/local/etc/letsencrypt/live/vadim.com.ru/chain.pem
fullchain = /usr/local/etc/letsencrypt/live/vadim.com.ru/fullchain.pem
Options used in the renewal process
[renewalparams]
account = 41e216181510ed12c1199f2c3d63b7e4
authenticator = nginx
installer = nginx
server = https://acme-v02.api.letsencrypt.org/directory
And nothing strange there either.
Did you check the cli.ini file?
Not yet - has just woken up
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.