Have the following command setup in my crontab to renew the certificate for this blog, and for the main website – thecurlybraces.com
30 3 1 */2 * /opt/letsencrypt/certbot-auto renew --pre-hook "" --post-hook "service nginx restart"
This causes the command to run, at 03:30 on day-of-month 1 in every 2nd month.
Output
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/thecurlybraces.com.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for thecurlybraces.com
http-01 challenge for blog.thecurlybraces.com
Waiting for verification...
Cleaning up challenges
-------------------------------------------------------------------------------
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/thecurlybraces.com/fullchain.pem
-------------------------------------------------------------------------------
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/thecurlybraces.com/fullchain.pem (success)
Running post-hook command: service nginx restart
Incase you want to add more domains to an existing certificate, use the following command –
sudo /opt/letsencrypt/certbot-auto --expand -d blog.thecurlybraces.com -d thecurlybraces.com -d bitsnpieces.thecurlybraces.com --pre-hook "" --post-hook "service nginx restart"
This assumes that you have only a single certificate. If you’ve more, you’ll have to use --cert-name. Read more here.
Just putting this here for reference, and with the hope that it might be useful for someone else.