Automatically Update SSL Certificates by Certbot

Certbot is a fully-featured client for the Let’s Encrypt CA that can automate the tasks of obtaining certificates and configuring webservers to use them.

I would like to introduce certbot for obtaining certiciates and renew the certiciates.

🐝 Tutorial Environment

In this article, I use the following linux env:

  • OS: CentOS/RHEL 7
  • Server: Nginx

If your env is different, please see official guide.

🐮 Installation

You should first enable EPEL repository and install Certbot

curl -O && \
mv certbot-auto /usr/local/bin/certbot && \
chmod 0755 /usr/local/bin/certbot

🗽 Automated Get Started

Running a folloing command will get a certificate and have Certbot edit your Nginx configuration automatically to serve it.

/usr/local/bin/certbot certonly --standalone -d {{ hostname }} -m {{ contact_email }} --agree-tos -n

🚕 Automating Renewal

30 3 * * * /usr/local/bin/certbot renew --quiet --webroot --webroot-path {{ webroot_path }} && /bin/systemctl reload nginx

🐯 Special Thanks

🖥 Recommended VPS Service

VULTR provides high performance cloud compute environment for you. Vultr has 15 data-centers strategically placed around the globe, you can use a VPS with 512 MB memory for just $ 2.5 / month ($ 0.004 / hour). In addition, Vultr is up to 4 times faster than the competition, so please check it => Check Benchmark Results!!