Auto-renewal of Let's Encrypt certificates

March 23, 2016

Over the past few weeks I received the first batch of reminders regarding Let’s Encrypt certificates that are about to expire. I renewed the first few by hand, but surprisingly that get’s real boring real quick.

Let’s fix this. I wrote a simple bash script just to do this for me, here we go:

service nginx stop
letsencrypt certonly --standalone -d
service nginx start

Now just add the following line in your crontab:

0 0 1 */2 * /path/to/renew/

And you’re done! Don’t forget to change the path in the crontab and the path to the letsencrypt binary in the shell script :).

YMMV, I simply assumed you’re running nginx and you’re able to restart nginx like this. Adjust to your own needs.

For a more intelligent solution, you could check out this ansible script.

Get Machiel Mail in your inbox!

Of course I have a newsletter, all the cool kids have them! Sign up if you want to get notified of the occasional blog post I write. They will be mostly about Go, or simply about projects I am working on. And it might just turn out that they are interesting!

And if you're wondering, will he send sp... No, I will never send you any spam!

comments powered by Disqus