Want to cron certificate update of specific list of domains

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

certbot-auto -d cjshayward.com

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn’t close to expiry.
(ref: /etc/letsencrypt/renewal/cjshayward.com-0003.conf)

What would you like to do?


1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)


Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Renewing an existing certificate
Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/ssl-default.conf

Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.


1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you’re confident your site works on HTTPS. You can undo this
change by editing your web server’s configuration.


Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Enhancement redirect was already set.


Your existing certificate has been successfully renewed, and the new certificate
has been installed.

The new certificate covers the following domains: https://cjshayward.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=cjshayward.com


IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/cjshayward.com-0003/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/cjshayward.com-0003/privkey.pem
    Your cert will expire on 2020-07-19. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot-auto
    again with the “certonly” option. To non-interactively renew all
    of your certificates, run “certbot-auto renew”

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
    Donating to EFF: https://eff.org/donate-le

My web server is (include version):

Server version: Apache/2.4.10 (Debian)
Server built: Sep 30 2019 19:32:08

The operating system my web server runs on is (include version):

Debian Jesse

My hosting provider, if applicable, is:

Linode (VPS)

I can login to a root shell on my machine (yes or no, or I don’t know):

Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

certbot 1.3.0

At the moment, my server has non-deleted /etc/apache2/sites-enabled/*.conf files, and so running certbot-auto with no arguments will list a mixed bundle of both valid and non-valid sites, asking interactively if I want to do all of them or give a list of domains. When I run certbot-auto -d cjshayward.com, it runs, but interactively.

How do I say, for instance, a crontab job of “Renew cjshayward.com and this list of n other sites non-interactively?”

certbot-auto renew

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.