Yesterday I installed a lets encrypt certificate for a new domain (say, example.com) on my server, following this tutorial . This was based on the client “letsencrypt”, from the Ubuntu repo, apparently an earlier version of the one now called “certbot”.
It added some rewrite lines into
/etc/apache2/sites-available/example.com.conf, added a new file
/etc/apache2/sites-available/example.com-le-ssl.conf , then enabled the new file.
Rewrites are not the best way so I had to revise the non-http file - commented the rewrite lines, added a redirect line. The file
/etc/apache2/sites-available/example.com-le-ssl.conf was based on the original conf file and did not need any revision - however this was a simple one. When I repeat the procedure for other domains, well some of them have complex rewrite rules and I’m concerned about letsencrypt borking something if it messes with these files.
My question is, will the client rewrite conf files again at renewal time? If the answer is no then it’s safe to put a renew command on crontab - right?. If the answer is yes, I’ll have to attend to this manually every 90 days? Or is there a way to auto renew without changing config files?