By now you know that your website needs to run over HTTPS. One of the easiest and cheapest ways to do this is by using
https://certbot.eff.org/ which in turn deploys https://letsencrypt.org/ certificates.
Once you have it installed, you’ll want to install a crontab entry that will run the updates 2x per day:
23 3,15 * * * /usr/local/sbin/certbot-renew.sh
#!/bin/sh # # Save this file as /usr/local/sbin/certbot-renew.sh # UPDATE_FLAG_FILE=/var/lib/letsencrypt/updated rm -f $UPDATE_FLAG_FILE /usr/local/bin/certbot-auto renew --post-hook "touch $UPDATE_FLAG_FILE" if [ $? -gt 0 ]; then exit $? fi if [ ! -f $UPDATE_FLAG_FILE ]; then exit 0 fi service apache2 status if [ $? -eq 0 ]; then service apache2 reload if [ $? -gt 0 ]; then >&2 echo failed to reload apache2 exit 1 fi fi
One thought on “Certbot renewal script”