Automate Let’s Encrypt SSL Certificate Renewal on Ubuntu

Streamline SSL certificate management with automated renewal for Let’s Encrypt certificates on your Ubuntu VPS, ensuring continuous protection for your web applications.

Prerequisites:

• Ubuntu VPS
• Root or sudo privileges
• Certbot installed

Steps:

1. Create a Renewal Script:

nano /etc/cron.d/letsencrypt-renew

2. Add Renewal Command:

#!/bin/bash

certbot renew --non-interactive --agree-tos --email [email protected]

3. Set Script Permissions:

chmod +x /etc/cron.d/letsencrypt-renew

4. Schedule Renewal:

crontab -e

5. Add Cron Job:

0 0 * * * /etc/cron.d/letsencrypt-renew

6. Save Crontab:

Save and exit the crontab editor.

Example Renewal Command:

certbot renew --non-interactive --agree-tos --email [email protected] --domains example.com,www.example.com

Explanation:

• --non-interactive: Suppresses interactive prompts.
• --agree-tos: Accepts Let’s Encrypt’s terms of service.
• --email [email protected]: Specifies the email address for renewal notifications.
• --domains example.com,www.example.com: Renews certificates for specified domains.

Benefits of Automated Renewal:

• Reduced Manual Effort: Eliminates the need for manual certificate renewal, saving time and resources.
• Enhanced Security: Ensures continuous SSL certificate validity, protecting your web applications from security vulnerabilities.
• Improved User Experience: Maintains uninterrupted secure connections for website visitors.

By automating Let’s Encrypt certificate renewal, you can streamline your SSL certificate management process and safeguard your Ubuntu VPS with unwavering security.