In this short tutorial, you’ll learn how to automatically renew your Let’s Encrypt SSL certificate. To do this, we’ll be installing a cronjob with crontab.
These instructions are written for Ubuntu/Debian systems and should work for most Nginx and Apache web servers.
Let’s Encrypt SSL Renew Cron
On your system, open the crontab editor with
Add the following code snippet to the bottom of the editor. Please replace nginx with apache if that is your web server and if you are using systemd to manage your web server process.
0 6 * * 0 certbot renew -n -q --pre-hook "service nginx stop" --post-hook "service nginx start"
Every Sunday morning at 6 AM, this cronjob will execute the
certbox renew command and check to see if a new SSL certificate is available.
Here is an explanation of the flags:
- -n: non-interactive i.e. will not ask for user input
- -q: quiet i.e. no output
- –pre-hook: command that will run prior to obtaining a certificate
- –post-hook: command that will run after obtaining a certificate
In this case, the web server is stopped with the pre hook command and started back up with the post hook command. The pre and post hooks are executed only if the certificate is due for renewal.
As always, please let me know if you have questions in the comments section below.