After the lets encrypt certificate is installed, it expires in 90 days by default. We can manually renew it in advance. But to prevent forgetting, we can Automatic renewal of lets encrypt Method. You need to use crontab Execute commands regularly.
Generally, the CentOS system automatically has a crontab program. If there is no crontab program, the Centos installation command is as follows:
Yum install vixie cron crontabs//Install Crontab
Chkconfig crond on//Set to boot automatically
Service crond start//Start
Note: The vixie cron software package is the main program of cron; The crontabs package is a program used to install, uninstall, or list tables used to drive cron daemons.
How to use Crontab
1. View the crontab scheduled execution task list
crontab -l
2. Add crontab scheduled execution task
crontab -e
Automatic renewal of certificate
Let's Encrypt certificate is only valid for 90 days. Once we forget it, it will become invalid. Therefore, it is recommended to use crontab for automatic renewal to keep the certificate valid.
Enter the crontab - e add command in Xhell, enter a to enter the editing state, and then use the arrow keys to select a new line. Add rules:
0 3 1 * * /root/certbot-auto renew –renew-hook “/etc/init.d/nginx reload”
Press "ESC" to exit editing status, enter: wq to save and exit.
Use the crontab - l command to check whether the timing command just added exists. If it exists, all domain names will be renewed at 3:00 a.m. on the first day of each month. However, there is a limit on the number of requests, so don't be too frequent.