In this article we're going to explore how to automatically renew certificates using Lets Encrypt. In their own words, "Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can. We do this because we want to create a more secure and privacy-respecting Web."

This article assumes you are already using Lets Encrypt, if not please refer to their documentation here to get set up:

Set up

The first thing we need to be familiar with is how Lets Encrypt works. Look at this link to familiarize yourself with how Lets Encrypt works and come back to this article.


Once you're ready and have CertBot installed lets set up a cron job to automatically renew our certificate.

Step 1:

Open crontab with the below command:
$ sudo crontab -e

add this to your crontab anywhere you'd like:

# Add this to the crontab and save it:
* 0 0 1 * * certbot -q renew

The above crontab syntax runs certbot once a month every month and renews your ssl certificate.

Congratulations, you now have a fully functioning site with ssl support for free!