How to Setup Auto-Renew for Let’s Encrypt SSL Certificates

Access to a stable and secure internet environment is no longer an optional addition to basic human needs. With the internet connecting all the ends of the earth, nothing seems impossible anymore.

The internet and its many protocols have inspired the development of e-learning, video conferencing, gaming, etc, among other platforms that connect different users from different regions around the globe. However, regardless of the praises, we give the internet, its credibility is nothing without security.

Let’s Encrypt is a certificate authority (non-profit) responsible for the free of charge provision of TLS (Transport Layer Security) encryption certificates for different domain names.

Internet-based applications and platforms need to consider the validity of Let’s Encrypt SSL certificates in order to maintain their reputation since internet users are more likely to visit SSL-secured websites (HTTPS) over unsecured websites (HTTP).

Let’s Encrypt makes use of SSL (Secure Sockets Layer) to shield active HTTPS connections from unwarranted data breaches. In such instances, it is only the client and the server that are able to interact with transmitted data while in an unencrypted format.

How to Automatically Renew SSL Certificates

By default, the installation, management, and automatic renewal of Let’s Encrypt certificates are covered by the client certbot. Before we further engage this article section, ensure you meet the following prerequisites:

  • Your Linux server is up-to-date.
  • You have Let’s Encrypt installed on your Linux system.
  • You have a registered and active domain name for your website or web app.
  • Correctly configured DNS records for your domain name.

Let’s Encrypt SSL Certificates Renewal

To manually renew the SSL certificates for the domain, we will execute the command:

$ sudo -H ./letsencrypt-auto certonly --standalone --renew-by-default -d linuxshelltips.com -d www.linuxshelltips.com

The execution of the above command should lead to a confirmation prompt.

With auto-renew the SSL certificates option, we do not need to keep track of our SSL certificate’s expiration dates. For instance, if we want the auto-renewal to be once a month, we will open the cron tab.

$ sudo crontab -e 

and add the following info at the bottom of the file.

0 0 1 * * /opt/letsencrypt/letsencrypt-auto renew

We should also add a crontab entry to automatically update Let’s Encrypt.

0 0 1 * * cd /opt/letsencrypt && git pull
Auto Renew Let's Encrypt SSL Certificate
Auto Renew Let’s Encrypt SSL Certificate

We have successfully demonstrated how to renew Let’s Encrypt SSL certificates either manually or automatically. Hope this article guide was helpful. Feel free to leave a comment or feedback.

Got something to say? Join the discussion.

Have a question or suggestion? Please leave a comment to start the discussion. Please keep in mind that all comments are moderated and your email address will NOT be published.