Updating a Let’s Encrypt certificate

wpadmin Uncategorized February 2, 2025

Updating a Let’s Encrypt certificate depends on how it was originally issued. Here’s a step-by-step guide based on different scenarios:

1. If You Used Certbot (Recommended)

Certbot is the most common way to obtain and renew Let’s Encrypt certificates.

Check Expiry Date

Run:

sudo certbot certificates

This shows your existing certificates and their expiration dates.

Renew Certificates

Run:

sudo certbot renew

This attempts to renew all certificates that are expiring within 30 days.

Restart Web Server (If Required)

After renewal, restart your web server (e.g., Apache or Nginx) to apply the new certificate:

sudo systemctl restart apache2 # For Apache
sudo systemctl restart nginx # For Nginx

Verify the Renewal

Once done, check if your certificate is updated:

openssl x509 -noout -dates -in /etc/letsencrypt/live/example.com/fullchain.pem

If everything is working correctly, your SSL certificate should now be renewed!

 

Cron renew

$ crontab -u root -e
00 00 25 * * systemctl stop httpd && certbot renew && systemctl start httpd

About: wpadmin

Leave a Reply

Translate »