Skip to content

Instantly share code, notes, and snippets.

@stefan2904

stefan2904/README.md

Last active November 10, 2015 14:39
Show Gist options
  • Save stefan2904/9e4d386340d02155e559 to your computer and use it in GitHub Desktop.
Save stefan2904/9e4d386340d02155e559 to your computer and use it in GitHub Desktop.
Download ZIP
how to renew a letsencrypt-issued certificate
Raw
README.md

Locations

Certs and keys are in /etc/letsencrypt/live/

Webserver config

Point the webserver directly to the cert and key in the live folder, since it is updated during renewal. For example in a node.js app:

	"keyfile": "/etc/letsencrypt/live/<domain>/privkey.pem",
	"certfile": "/etc/letsencrypt/live/<domain>/cert.pem",

Or, for example in apache2:

	SSLCertificateFile /etc/letsencrypt/live/<domain>/cert.pem
	SSLCertificateChainFile /etc/letsencrypt/live/<domain>/chain.pem
	SSLCertificateKeyFile /etc/letsencrypt/live/<domain>/privkey.pem
Raw
crontab
# m h dom mon dow command
0 0 1 */2 * /home/ctf/le-renew.sh
Raw
le-renew.sh
#!/bin/sh -e
# run once every ~60-80 days (certs expire after 90 days)
cd letsencrypt
./letsencrypt-auto --agree-dev-preview -d <domain> --duplicate \
--server https://acme-v01.api.letsencrypt.org/directory certonly
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment