Letsencrypt renewal
When we get a certificate from letsencrypt, it has to be renewed periodically.
The question is when do you run the renew? It is simple ( this is an command for that )
[ramk@ip-172-31-91-4 centos]# openssl x509 -noout -dates -in /etc/letsencrypt/live/vulcan.votercircle.in/cert.pem
notBefore=Feb 25 03:55:42 2021 GMT
notAfter=May 26 03:55:42 2021 GM
The command gives you the time period for the expiry and from when we can renew the cert.
Then we can set up a crontab to run. Preferably in a root user. Also make sure you create a file logs
Either run as root, or set --config-dir, --work-dir, and --logs-dir to writeable paths.
touch /var/log/letsencrypt/renew.log
0 12 * * * /usr/local/bin/certbot renew >> /var/log/letsencrypt/renew.log 2>&1