Menu Close

How To Renew Let’s Encrypt SSL Certificate on Apache server hosted on Linux/Unix platform

To renew SSL certificates automatically before expiration, write a script to do the task and schedule a cron job to run periodically. The steps are below.

  1. Create a script at /opt/bitnami/letsencrypt/scripts/renew-certificate.sh. Using SSH run the following:
    sudo nano /opt/bitnami/letsencrypt/scripts/renew-certificate.sh

    It will create a shell script file as seen here on an FTP connection screenshot:

    Ftp screenshot connection
    Ftp screenshot connection
  2. Enter the following content into the script and save it. Remember to replace the DOMAIN placeholder with your actual domain name, and the EMAIL-ADDRESS placeholder with your email address.
    
    sudo /opt/bitnami/ctlscript.sh stop apache
    sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="DOMAIN" --path="/opt/bitnami/letsencrypt" renew --days 90
    sudo /opt/bitnami/ctlscript.sh start apache
  3. Make the script executable:
    sudo chmod +x /opt/bitnami/letsencrypt/scripts/renew-certificate.sh
  4. Execute the following command to open the crontab editor:
    sudo crontab -e
  5. Add the following lines to the crontab file and save it:
    0 0 1 * * /opt/bitnami/letsencrypt/scripts/renew-certificate.sh 2> /dev/null

    On your crontab editor it should look like this:

    cronTab editor view
    cronTab editor view
  6. Save the file and exit.