Setting up automatic SSL renewal is essential to ensure your website remains secure without interruption. If you're using a shared hosting environment and Certbot for SSL management, this guide will walk you through the process step-by-step.
Prerequisites
- Access to your hosting server via SSH
- Root or sudo privileges
- Existing SSL certificate installed with Certbot
- Basic knowledge of command-line operations
Check Certbot Installation
First, verify that Certbot is installed and up to date. Run the following command:
certbot --versionIf Certbot is not installed, follow your hosting provider's instructions or visit the Certbot website for installation guides.
Test Certificate Renewal Command
To ensure your renewal process works correctly, run a dry run:
sudo certbot renew --dry-runIf the dry run completes successfully, your renewal process is properly configured. If not, troubleshoot any errors before proceeding.
Set Up Automatic Renewal
Certbot automatically installs a renewal timer during installation. To ensure it runs daily, verify the cron job or systemd timer:
Check Cron Job
Run the following command to list cron jobs:
sudo crontab -l | grep certbotIf you see an entry similar to:
0 */12 * * * certbot renew --quietthen your cron job is set up correctly. If not, add the following line to your crontab:
sudo crontab -eAnd insert:
0 0,12 * * * certbot renew --quietCheck Systemd Timer
If your system uses systemd, check the timer status with:
systemctl list-timers | grep certbotIf the timer is active, your renewal process is scheduled.
Verify Renewal
To manually test renewal, run:
sudo certbot renew --dry-runEnsure the process completes without errors. This confirms your automatic renewal is properly configured.
Conclusion
Automating SSL renewal with Certbot on a shared hosting environment helps maintain your website's security seamlessly. Regularly check your renewal logs and ensure your cron jobs or systemd timers are active for continuous protection.