How To Renew Your Let’s Encrypt SSL Certificate Automatically

Renew ssl certificate from Let's Encrypt automatically

Hey there! Some links on this page may be affiliate links which means that, if you choose to make a purchase, I may earn a small commission at no extra cost to you. I greatly appreciate your support!

In this short tutorial, you’ll learn how to automatically renew your Let’s Encrypt SSL certificate. To do this, we’ll be installing a cronjob with crontab.

These instructions are written for Ubuntu/Debian systems and should work for most Nginx and Apache web servers.

Let’s Encrypt SSL Renew Cron

On your system, open the crontab editor with crontab -e.

Add the following code snippet to the bottom of the editor. Please replace nginx with apache if that is your web server and if you are using systemd to manage your web server process.

0 6 * * 0 certbot renew -n -q --pre-hook "service nginx stop" --post-hook "service nginx start"

Every Sunday morning at 6 AM, this cronjob will execute the certbox renew command and check to see if a new SSL certificate is available.

Here is an explanation of the flags:

  • -n: non-interactive i.e. will not ask for user input
  • -q: quiet i.e. no output
  • –pre-hook: command that will run prior to obtaining a certificate
  • –post-hook: command that will run after obtaining a certificate

In this case, the web server is stopped with the pre hook command and started back up with the post hook command. The pre and post hooks are executed only if the certificate is due for renewal.

YouTube video

As always, please let me know if you have questions in the comments section below.

Facebook
Twitter
Pinterest
LinkedIn
Reddit

Meet Tony

Tony from Tony Teaches Tech headshot

With a strong software engineering background, Tony is determined to demystify the web. Discover why Tony quit his job to pursue this mission. You can join the Tony Teaches Tech community here.

3 Responses

  1. Hi Tony,

    Thanks for making such a wonderful tutorial on GCP/Wordpress/ SSL integration. After searching various sources and I came down to your tutorial, and thanks to YOU, I was able to install my first wordpress on GCP! Now that I am done with the SSL enablement, I struggled upon how to setup the SSL auto-renew on the SSH command line. Is there any chance that you can share the step by step command line for GCP? (I’m not an expert in technology and this is my first accomplishment for putting my foot in the door, so greatly appreciate if you can share a command line for a non-tech expertise like me). Thanks.

  2. Hello Tony,
    What about the LiteSpeed server? Should I replace the “nginx” with “litespeed” in the command line?

    Regards

Leave a Reply

Your email address will not be published. Required fields are marked *