Renew existing certificate which is due to expire - AWS Lightsail
Lets encrypt SSL certificates are generally expired after 90 days of creation so need to be renewed regularly. If the expire date is near then you should renew manually first before adding an auto-renew cronjob (automate).
So here are the commands required to renew the current certificate in use, you should replace DOMAIN and EMAIL-ADDRESS with the relevant domain and email address of the previous certificate.
sudo /opt/bitnami/ctlscript.sh stop
sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="DOMAIN" --path="/opt/bitnami/letsencrypt" renew --days 90
sudo /opt/bitnami/ctlscript.sh start
Setup cron to automatically renew in future
You can also set it to autorenew using cronjob for that we need to create a script to run these command automatically by using following commands.
sudo mkdir -p /opt/bitnami/letsencrypt/scripts
sudo nano /opt/bitnami/letsencrypt/scripts/renew-certificate.sh
After creating the script file we have to write the script inside the file. Following is the content of that script file.
#!/bin/bash sudo /opt/bitnami/ctlscript.sh stop apache sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="DOMAIN" --path="/opt/bitnami/letsencrypt" renew --days 90 sudo /opt/bitnami/ctlscript.sh start apache
Now we need to make this script executable.
sudo chmod +x /opt/bitnami/letsencrypt/scripts/renew-certificate.sh
We have to make this file run by crontab so we need to edit crontab first.
sudo crontab -e
After opening crontab you have to add following content. This will make execute the script with this crontab.
0 0 1 * * /opt/bitnami/letsencrypt/scripts/renew-certificate.sh 2> /dev/null