Gareth's Blog

Renew Letsencrypt Certificate - Ubuntu

June 4, 2024380 words

Let's Encrypt certificate expiration

ssh onto the machine where the certificate needs renewing.

First stop the web server as it will interfere with the renewal process:-

$ sudo systemctl stop nginx

The do a dry run to check that everything is in order:-

$ sudo certbot renew --dry-run

If all goes well you should see something like:-

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/stroud.social-0001.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Simulating renewal of an existing certificate for stroud.social

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/stroud.social.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Simulating renewal of an existing certificate for stroud.social

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations, all simulated renewals succeeded: 
  /etc/letsencrypt/live/stroud.social-0001/fullchain.pem (success)
  /etc/letsencrypt/live/stroud.social-0001/fullchain.pem (success)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Then it is safe to perform the renewal:-

$ sudo certbot renew

and if all goes well, restart the web server:-

$ sudo systemctl start nginx

then verify the certificate details on the site with a web browser.

React to this post
👍❤️🫶👏👌🤯🤔😂😍😭😢😡😮

You'll only receive email when they publish something new.

More from Gareth's Blog
All posts