To renew SSL certificates automatically before expiration, write a script to do the task and schedule a cron job to run periodically. The steps are below.
- Create a script at /opt/bitnami/letsencrypt/scripts/renew-certificate.sh. Using SSH run the following:
sudo nano /opt/bitnami/letsencrypt/scripts/renew-certificate.sh
It will create a shell script file as seen here on an FTP connection screenshot:
- Enter the following content into the script and save it. Remember to replace the DOMAIN placeholder with your actual domain name, and the EMAIL-ADDRESS placeholder with your email address.
sudo /opt/bitnami/ctlscript.sh stop apache sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="DOMAIN" --path="/opt/bitnami/letsencrypt" renew --days 90 sudo /opt/bitnami/ctlscript.sh start apache
- Make the script executable:
sudo chmod +x /opt/bitnami/letsencrypt/scripts/renew-certificate.sh
- Execute the following command to open the crontab editor:
sudo crontab -e
- Add the following lines to the crontab file and save it:
0 0 1 * * /opt/bitnami/letsencrypt/scripts/renew-certificate.sh 2> /dev/null
On your crontab editor it should look like this:
- Save the file and exit.