How To Renew Your Let’s Encrypt SSL Certificate Automatically

by

Hey there! Some links on this page may be affiliate links which means that, if you choose to make a purchase, I may earn a small commission at no extra cost to you. I greatly appreciate your support!

In this short tutorial, you’ll learn how to automatically renew your Let’s Encrypt SSL certificate. To do this, we’ll be installing a cronjob with crontab.

These instructions are written for Ubuntu/Debian systems and should work for most Nginx and Apache web servers.

Let’s Encrypt SSL Renew Cron

On your system, open the crontab editor with crontab -e.

Add the following code snippet to the bottom of the editor. Please replace nginx with apache if that is your web server and if you are using systemd to manage your web server process.

0 6 * * 0 certbot renew -n -q --pre-hook "service nginx stop" --post-hook "service nginx start"

Every Sunday morning at 6 AM, this cronjob will execute the certbox renew command and check to see if a new SSL certificate is available.

Here is an explanation of the flags:

  • -n: non-interactive i.e. will not ask for user input
  • -q: quiet i.e. no output
  • –pre-hook: command that will run prior to obtaining a certificate
  • –post-hook: command that will run after obtaining a certificate

In this case, the web server is stopped with the pre hook command and started back up with the post hook command. The pre and post hooks are executed only if the certificate is due for renewal.

As always, please let me know if you have questions in the comments section below.


Meet Tony

With a strong software engineering background, Tony is determined to help as many people as possible start their online busines. Discover why Tony quit his hedge fund job to pursue this mission. You can send Tony a message here.

Leave a Comment