In this short tutorial, you’ll learn how to automatically renew your Let’s Encrypt SSL certificate. To do this, we’ll be installing a cronjob with crontab.
These instructions are written for Ubuntu/Debian systems and should work for most Nginx and Apache web servers.
Let’s Encrypt SSL Renew Cron
On your system, open the crontab editor with
Add the following code snippet to the bottom of the editor. Please replace nginx with apache if that is your web server and if you are using systemd to manage your web server process.
0 6 * * 0 certbot renew -n -q --pre-hook "service nginx stop" --post-hook "service nginx start"
Every Sunday morning at 6 AM, this cronjob will execute the
certbox renew command and check to see if a new SSL certificate is available.
Here is an explanation of the flags:
- -n: non-interactive i.e. will not ask for user input
- -q: quiet i.e. no output
- –pre-hook: command that will run prior to obtaining a certificate
- –post-hook: command that will run after obtaining a certificate
In this case, the web server is stopped with the pre hook command and started back up with the post hook command. The pre and post hooks are executed only if the certificate is due for renewal.
As always, please let me know if you have questions in the comments section below.
3 thoughts on “How To Renew Your Let’s Encrypt SSL Certificate Automatically”
Thanks for making such a wonderful tutorial on GCP/Wordpress/ SSL integration. After searching various sources and I came down to your tutorial, and thanks to YOU, I was able to install my first wordpress on GCP! Now that I am done with the SSL enablement, I struggled upon how to setup the SSL auto-renew on the SSH command line. Is there any chance that you can share the step by step command line for GCP? (I’m not an expert in technology and this is my first accomplishment for putting my foot in the door, so greatly appreciate if you can share a command line for a non-tech expertise like me). Thanks.
Hi Mary, the cron command in this tutorial is what you’re looking for. It doesn’t change for GCP.
What about the LiteSpeed server? Should I replace the “nginx” with “litespeed” in the command line?