Question

How can I find out if my secure certificate is set up to renew automatically

Posted October 21, 2021 130 views
Let's EncryptUbuntu 20.04

I have followed the tutorial “How To Secure Apache with Let’s Encrypt on Ubuntu 20.04” to add a free SSL secure certificate to my website deployed in my droplet ubuntu server.

After all done, I just noticed that the cert seems valid no more than 3 months. So wonder how I can make sure the Let’s Encrypt certbot did set my cert to automatic renew in order to avoid insecure site when the cert expires.
Is there a way to check the status of the renew setting?

Thanks,
Brian

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hi @Canbrian,

If you’ve followed the tutorial and have used certbot create the certificates, If I’m not mistaken they will be renewed automatically after a certain period.

Having said that to be on the safe side, I’ll recommend you adding a cronjob that does it automatically for you and even updates the certs in your webservice.

  • Open the crontab file. bash $ crontab -e

Add the certbot command to run daily. In this example, the command is run every day at noon. The command checks to see if the certificate on the server will expire within the next 30 days, and renews it if so. The –quiet directive tells certbot not to generate output.

0 12 * * * /usr/bin/certbot renew --quiet

Save and close the file. All installed certificates will be automatically renewed and reloaded.