User Tools

Site Tools


Table of Contents



Used Certbot

First I thought it failed because it reported it couldn't find one my domain names, but it was just a typo. So type it out and paste it in.

Then it also failed, but because I realized I had not enabled port forwarding on my router.

anyway ran the certbot-auto made some choice that seemed logical but I don't really remember.

Installed on new Raspberian install on new SD Card

Automating renewal

Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:

./path/to/certbot-auto renew –dry-run

If that appears to be working correctly, you can arrange for automatic renewal by adding a cron or systemd job which runs the following:

./path/to/certbot-auto renew –no-self-upgrade

sudo ./certbot-auto renew –no-self-upgrade

/certbot-auto renew –no-self-upgrade

The above stopped working…go to home/pi folder

./certbot-auto renew


pi@raspberrypi:~ $ sudo ./certbot-auto renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Processing /etc/letsencrypt/renewal/
Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for
tls-sni-01 challenge for
tls-sni-01 challenge for
tls-sni-01 challenge for
Waiting for verification…
Cleaning up challenges

new certificate deployed with reload of apache server; fullchain is


Congratulations, all renewals succeeded. The following certs have been renewed:

/etc/letsencrypt/live/ (success)\\

My script and crontab to automate renewal each week

To get your directory path displayed use


  • date > /home/pi/script/log.txt
  • /home/pi/certbot-auto renew » log.txt

To make a .sh script executable use this,

chmod +x

crontab every Sunday at midnight

0 0 * * 0 /home/pi/script/

Script to automatically renew SSL cert once a week on Sunday and write the date and result to a log file the > causes to overwrite each time

apache.txt · Last modified: 2018/09/25 20:34 by zeppo