certbot,

Certbot auto renew SSL certificate creating a cron job

Jan 19, 2022 · 1 min read · Post a comment
Certbot auto renew SSL certificate creating a cron job

If you are using a free SSL certificate from certbot, probably you are tired of the manual renewal. Here I’m going to show you how to automate the process of creating a cron job that will automatically renew the expired certificates.

Prerequisites

  • Certbot
  • Debian based distro

Solution

Step 1. Navigate to the /etc/cron.d directory.

cd /etc/cron.d/

Step 2. Create a new file called certbot.

touch certbot

Step 3. Open the certbot file and paste the following config:

# /etc/cron.d/certbot: crontab entries for the certbot package
#
# Upstream recommends attempting renewal twice a day
#
# Eventually, this will be an opportunity to validate certificates
# haven't been revoked, etc.  Renewal will only occur if expiration
# is within 30 days.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

0 */12 * * * root test -x /usr/bin/certbot  -a \! -d /run/systemd/system &&  perl -e 'sleep int(rand(43200))' &&  certbot -q renew

Step 4. Restart the cron service.

systemctl restart cron

Conclusion

Now this cron job will check if some of the certificates are expired it will renew it automatically. In the next topic you will see how to renew it on rhel based distros. Feel free to leave a comment below and if you find this tutorial useful, follow our official channel on Telegram.