Auto-renew a Let's Encrypt certificate

The previous script will ask to configure a cronjob at the end of the execution to auto-renew the certificates. In case you did not configure that job at that time, you can edit the cronjobs of your system running the following command.

$ crontab -e

In order to configure the process to auto-renew the certificates, you need to include the following line.

0 0 1 * * sudo /opt/bitnami/letsencrypt/lego --path="/opt/bitnami/letsencrypt" --email="YOURMAIL" --domains="YOURDOMAIN" renew && sudo /opt/bitnami/nginx/sbin/nginx -s reload

NOTE: You can use multiple domains specifying the --domains option as many times as domains you want to specify. When supplying multiple domains, Lego creates a SAN (Subject Alternate Names) certificate which results in only one certificate valid for all domains you entered. The first domain in your list will be added as the “CommonName” of the certificate and the rest, will be added as “DNSNames” to the SAN extension within the certificate.

NOTE: Remember that both YOURMAIL and YOURDOMAIN are placeholders. Replace them with your current email and with the new domain name you want to set. You also need to remove the use of “sudo” in case you include that job in the crontab of the root user.

Last modification January 30, 2019