On Sep 6, 2018, at 11:02 AM, Paul Heinlein <heinl...@madboa.com> wrote: > > On Wed, 5 Sep 2018, Louis Kowolowski wrote: > >> I believe that you can run the renew frequently and it won't actually renew >> until the time is right. Something like daily/weekly cron. >> >> Also, you want to make sure that when you renew, that it triggers a reload >> for your web server. Otherwise the new cert won't be picked up and you'll be >> frustrated. > > Yep, I created /etc/cron.d/certbot per the certbot site recommendations: > > 41 4,16 * * * root /bin/certbot renew > > I also created /etc/letsencrypt/renewal-hooks/post/apache-restart: > > #!/usr/bin/bash > /usr/bin/systemctl restart httpd.service >/dev/null 2>/dev/null > I"m not familiar with apache any more (haven't really used it in probably a decade). If loading in the new cert can be done with a 'reload' instead of a 'restart' you won't have to take the outage. You may not care, and thats fine. Just a thought.
-- Louis Kowolowski lou...@cryptomonkeys.org Cryptomonkeys: http://www.cryptomonkeys.com/ Making life more interesting for people since 1977 _______________________________________________ PLUG mailing list PLUG@pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug