August 2 2017 Wednesday
Renewing LetsEncrypt SSL certificates automatically - redux
After almost a year of using Let's Encrypt to secure this very site, I'm still running into issues automatically renewing the certificates every 90 days. In my last post about this I'd documented the procedure I was using but was unable to ever get it to work successfully via cron (it was fine manually). I've now switched to a different auto-renew method....Enter:
This seems much simpler, tidier solution. The only snag for me was it required Python 2.7 to be installed. I sent a request off the the kindly folks at Prominic and they had that part done in no time.....now to wait 90 days, which happened to be today. I ran certbot manually and it did indeed renew the certificate for me, so now I added it to a cron job to see if I can get it to work.
On CentOS 6 run this command to get certbot (I'm presuming you already have Let's Encrypt working) :
Then I created cron job with this in it:
We'll know in mid-October if this works any better.....
For other Linux and BSD distributions, check out the certbot website, it pretty much has all the bases covered.
certbot
This seems much simpler, tidier solution. The only snag for me was it required Python 2.7 to be installed. I sent a request off the the kindly folks at Prominic and they had that part done in no time.....now to wait 90 days, which happened to be today. I ran certbot manually and it did indeed renew the certificate for me, so now I added it to a cron job to see if I can get it to work.
On CentOS 6 run this command to get certbot (I'm presuming you already have Let's Encrypt working) :
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
Then I created cron job with this in it:
52 5,17 * * * root /root/certbot-auto renew --quiet
We'll know in mid-October if this works any better.....
For other Linux and BSD distributions, check out the certbot website, it pretty much has all the bases covered.
Darren Duke
|
August 2 2017 04:56:57 AM
|
security letsencrypt ssl
|
