Auto-renewal of Let's Encrypt certificates

Why renew SSL certificates by hand if you can totally automate the process?

March 23, 2016

Over the past few weeks I received the first batch of reminders regarding Let’s Encrypt certificates that are about to expire. I renewed the first few by hand, but surprisingly that get’s real boring real quick.

Let’s fix this. I wrote a simple bash script just to do this for me, here we go:

#!/bin/bash
service nginx stop
letsencrypt certonly --standalone -d machiel.me
service nginx start

Now just add the following line in your crontab:

0 0 1 */2 * /path/to/renew/script.sh

And you’re done! Don’t forget to change the path in the crontab and the path to the letsencrypt binary in the shell script :).

YMMV, I simply assumed you’re running nginx and you’re able to restart nginx like this. Adjust to your own needs.

For a more intelligent solution, you could check out this ansible script.