Home Linux Commandline Tools How to Setup Auto-Renew for Let’s Encrypt SSL Certificates

How to Setup Auto-Renew for Let’s Encrypt SSL Certificates

Access to a stable and secure internet environment is no longer an optional addition to basic human needs. With the internet connecting all the ends of the earth, nothing seems impossible anymore.

The internet and its many protocols have inspired the development of e-learning, video conferencing, gaming, etc, among other platforms that connect different users from different regions around the globe. However, regardless of the praises, we give the internet, its credibility is nothing without security.

Let’s Encrypt is a certificate authority (non-profit) responsible for the free of charge provision of TLS (Transport Layer Security) encryption certificates for different domain names.

Internet-based applications and platforms need to consider the validity of Let’s Encrypt SSL certificates in order to maintain their reputation since internet users are more likely to visit SSL-secured websites (HTTPS) over unsecured websites (HTTP).

Let’s Encrypt makes use of SSL (Secure Sockets Layer) to shield active HTTPS connections from unwarranted data breaches. In such instances, it is only the client and the server that are able to interact with transmitted data while in an unencrypted format.

How to Automatically Renew SSL Certificates

By default, the installation, management, and automatic renewal of Let’s Encrypt certificates are covered by the client certbot. Before we further engage this article section, ensure you meet the following prerequisites:

  • Your Linux server is up-to-date.
  • You have Let’s Encrypt installed on your Linux system.
  • You have a registered and active domain name for your website or web app.
  • Correctly configured DNS records for your domain name.

Let’s Encrypt SSL Certificates Renewal

To manually renew the SSL certificates for the domain, we will execute the command:

$ sudo -H ./letsencrypt-auto certonly --standalone --renew-by-default -d ubuntumint.com -d www.ubuntumint.com

The execution of the above command should lead to a confirmation prompt.

With auto-renew the SSL certificates option, we do not need to keep track of our SSL certificate’s expiration dates. For instance, if we want the auto-renewal to be once a month, we will open the cron tab.

$ sudo crontab -e 

and add the following info at the bottom of the file.

0 0 1 * * /opt/letsencrypt/letsencrypt-auto renew

We should also add a crontab entry to automatically update Let’s Encrypt.

0 0 1 * * cd /opt/letsencrypt && git pull
Auto Renew Let's Encrypt SSL Certificate
Auto Renew Let’s Encrypt SSL Certificate

We have successfully demonstrated how to renew Let’s Encrypt SSL certificates either manually or automatically. Hope this article guide was helpful. Feel free to leave a comment or feedback.

Ravi Saive
I am an Experienced GNU/Linux expert and a full-stack software developer with over a decade in the field of Linux and Open Source technologies. Founder of TecMint.com, LinuxShellTips.com, and Fossmint.com. Over 150+ million people visited my websites.

Each tutorial at UbuntuMint is created by a team of experienced writers so that it meets our high-quality standards.

Was this article helpful? Please add a comment to show your appreciation and support.

Got something to say? Join the discussion.

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published or shared. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.