Styjun

Why is “deal 6 damage” a legit phrase?

How does Asimov's second law deal with contradictory orders from different people?

What to expect in a jazz audition

Coworker mumbles to herself when working, how to ask her to stop?

How does the barbarian bonus damage interact with two weapon fighting?

How did Biff return to 2015 from 1955 without a lightning strike?

Why don't short runways use ramps for takeoff?

Help me, I hate squares!

Typesetting numbers above, below, left, and right of a symbol

Why does Latex make a small adjustment when I change section color

How should I save/invest for my son

Value of a limit.

What is a Mono Word™?

Numerically Stable IIR filter

Can I shorten this filter, that finds disk sizes over 100G?

Derivative is just speed of change?

What do the novel titles of The Expanse series refer to?

How to remove rebar passing through an inaccessible pipe

How to find bus maps for Paris outside the périphérique?

What is the full text of the song about the failed battle of Kiska?

Avoiding Implicit Conversion in Constructor. Explicit keyword doesn't help here

Is it possible to tell if a child will turn into a Hag?

Can machine learning learn a function like finding maximum from a list?

Reducing the time for rolling hash

Renewing certbot certificates manually

How to create a self-signed certificate with OpenSSLIs there API for setting TLS certificates for Google App Engine?Android ssl cerficatiticate error after renewing the certificate in server using digicertcertbot-auto / letsencrypt setting up one key for multiple domains pointing to the same serverClear a pending authorization for certificate (ACME) after rateLimit errorCertbot automatic renewal vulnerabilitiesIs it possible to update the expiration date of a cert with certbot, but not update the cert contents?How do you renew or rekey a SSL certificate with no down time?AWS Let's encrypt Wildcard certificateNET::ERR_CERT_DATE_INVALID after manual renewal with certbot

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;

0

Thanks in advance for your time and response.

I have generated a certificate using certbot.

certbot -d *.mycompany.com --manual --preferred-challenges dns certonly

I create the TXT record in my (Amazon Rt53) dns and have created the private and public keys.
I then convert it to .pfx

openssl pkcs12 -inkey privkey.pem -in fullchain.pem -export -out mycompany.pfx

I use the resulting mycompany.pfx in RD gateway and elsewhere in multiple servers (since I have a *.mycompany.com).

Obviously letencrypt expires in 90 days. So I renew the certificate by issuing the same command

certbot -d *.mycompany.com --manual --preferred-challenges dns certonly

I get the new keys.
I now have to go to the RD gateway server and re-import the new .pfx certificate.
I have to do this for each server where I have used the certificate.

Is this the way this is supposed to work ? Is there an automated step that I am missing whereby

• I renew and


• all the servers where I have used the certificate renews
  automatically?

ssl-certificate lets-encrypt certbot

share|improve this question

asked Mar 26 at 21:51

VenVigVenVig

14711 silver badge1111 bronze badges

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  If you have a lot of servers you should look into some form of automated configuration management tool such as chef, puppet, saltstack etc.
  
  – SuperShoot
  Mar 29 at 10:38
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Thanks SuperShoot. Yes, this should be the way to go.
  
  – VenVig
  Apr 2 at 13:57
  

  
  
  
  

add a comment | 

0

Thanks in advance for your time and response.

I have generated a certificate using certbot.

certbot -d *.mycompany.com --manual --preferred-challenges dns certonly

I create the TXT record in my (Amazon Rt53) dns and have created the private and public keys.
I then convert it to .pfx

openssl pkcs12 -inkey privkey.pem -in fullchain.pem -export -out mycompany.pfx

I use the resulting mycompany.pfx in RD gateway and elsewhere in multiple servers (since I have a *.mycompany.com).

Obviously letencrypt expires in 90 days. So I renew the certificate by issuing the same command

certbot -d *.mycompany.com --manual --preferred-challenges dns certonly

I get the new keys.
I now have to go to the RD gateway server and re-import the new .pfx certificate.
I have to do this for each server where I have used the certificate.

Is this the way this is supposed to work ? Is there an automated step that I am missing whereby

• I renew and


• all the servers where I have used the certificate renews
  automatically?

ssl-certificate lets-encrypt certbot

share|improve this question

asked Mar 26 at 21:51

VenVigVenVig

14711 silver badge1111 bronze badges

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  If you have a lot of servers you should look into some form of automated configuration management tool such as chef, puppet, saltstack etc.
  
  – SuperShoot
  Mar 29 at 10:38
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Thanks SuperShoot. Yes, this should be the way to go.
  
  – VenVig
  Apr 2 at 13:57
  

  
  
  
  

add a comment | 

Thanks in advance for your time and response.

I have generated a certificate using certbot.

certbot -d *.mycompany.com --manual --preferred-challenges dns certonly

I create the TXT record in my (Amazon Rt53) dns and have created the private and public keys.
I then convert it to .pfx

openssl pkcs12 -inkey privkey.pem -in fullchain.pem -export -out mycompany.pfx

I use the resulting mycompany.pfx in RD gateway and elsewhere in multiple servers (since I have a *.mycompany.com).

Obviously letencrypt expires in 90 days. So I renew the certificate by issuing the same command

certbot -d *.mycompany.com --manual --preferred-challenges dns certonly

I get the new keys.
I now have to go to the RD gateway server and re-import the new .pfx certificate.
I have to do this for each server where I have used the certificate.

Is this the way this is supposed to work ? Is there an automated step that I am missing whereby

• I renew and


• all the servers where I have used the certificate renews
  automatically?

ssl-certificate lets-encrypt certbot

share|improve this question

asked Mar 26 at 21:51

VenVigVenVig

14711 silver badge1111 bronze badges

certbot -d *.mycompany.com --manual --preferred-challenges dns certonly

openssl pkcs12 -inkey privkey.pem -in fullchain.pem -export -out mycompany.pfx

certbot -d *.mycompany.com --manual --preferred-challenges dns certonly

share|improve this question

asked Mar 26 at 21:51

VenVigVenVig

14711 silver badge1111 bronze badges

share|improve this question

asked Mar 26 at 21:51

VenVigVenVig

14711 silver badge1111 bronze badges

asked Mar 26 at 21:51

VenVigVenVig

14711 silver badge1111 bronze badges

asked Mar 26 at 21:51

VenVigVenVig

14711 silver badge1111 bronze badges

1 Answer
1

active

oldest

votes

0

Automatic renewal of letsencrypt certificates or certbot certificates.

Certbot can be configured to renew your certificates automatically before they expire.

You can set cron job to renew certificates automatically.

Go to your server and run sudo crontab -e. It will open window add following command.

0 0 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && /home/centos/certbot/certbot-auto renew >> /var/log/auto-renewal-cron 2>&1

You can get cron command by selecting system & software based on your OS like below screenshot: https://certbot.eff.org/lets-encrypt/osx-apache.html

share|improve this answer

edited Mar 29 at 10:33

answered Mar 29 at 10:10

Mayank DudakiyaMayank Dudakiya

97877 silver badges1717 bronze badges

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Thanks for your response Mr.Mayank. My question was more concerned about the renewal of certificates on multiple servers. Using ansible or chef as suggested by SuperShot would be the way to go.
  
  – VenVig
  Apr 2 at 14:02
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55366720%2frenewing-certbot-certificates-manually%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

0

Automatic renewal of letsencrypt certificates or certbot certificates.

Certbot can be configured to renew your certificates automatically before they expire.

You can set cron job to renew certificates automatically.

Go to your server and run sudo crontab -e. It will open window add following command.

0 0 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && /home/centos/certbot/certbot-auto renew >> /var/log/auto-renewal-cron 2>&1

You can get cron command by selecting system & software based on your OS like below screenshot: https://certbot.eff.org/lets-encrypt/osx-apache.html

share|improve this answer

edited Mar 29 at 10:33

answered Mar 29 at 10:10

Mayank DudakiyaMayank Dudakiya

97877 silver badges1717 bronze badges

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Thanks for your response Mr.Mayank. My question was more concerned about the renewal of certificates on multiple servers. Using ansible or chef as suggested by SuperShot would be the way to go.
  
  – VenVig
  Apr 2 at 14:02
  

  
  
  
  

add a comment | 

0

Automatic renewal of letsencrypt certificates or certbot certificates.

Certbot can be configured to renew your certificates automatically before they expire.

You can set cron job to renew certificates automatically.

Go to your server and run sudo crontab -e. It will open window add following command.

0 0 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && /home/centos/certbot/certbot-auto renew >> /var/log/auto-renewal-cron 2>&1

You can get cron command by selecting system & software based on your OS like below screenshot: https://certbot.eff.org/lets-encrypt/osx-apache.html

share|improve this answer

edited Mar 29 at 10:33

answered Mar 29 at 10:10

Mayank DudakiyaMayank Dudakiya

97877 silver badges1717 bronze badges

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Thanks for your response Mr.Mayank. My question was more concerned about the renewal of certificates on multiple servers. Using ansible or chef as suggested by SuperShot would be the way to go.
  
  – VenVig
  Apr 2 at 14:02
  

  
  
  
  

add a comment | 

Automatic renewal of letsencrypt certificates or certbot certificates.

Certbot can be configured to renew your certificates automatically before they expire.

You can set cron job to renew certificates automatically.

Go to your server and run sudo crontab -e. It will open window add following command.

0 0 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && /home/centos/certbot/certbot-auto renew >> /var/log/auto-renewal-cron 2>&1

You can get cron command by selecting system & software based on your OS like below screenshot: https://certbot.eff.org/lets-encrypt/osx-apache.html

share|improve this answer

edited Mar 29 at 10:33

answered Mar 29 at 10:10

Mayank DudakiyaMayank Dudakiya

97877 silver badges1717 bronze badges

0 0 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && /home/centos/certbot/certbot-auto renew >> /var/log/auto-renewal-cron 2>&1

share|improve this answer

edited Mar 29 at 10:33

answered Mar 29 at 10:10

Mayank DudakiyaMayank Dudakiya

97877 silver badges1717 bronze badges

answered Mar 29 at 10:10

Mayank DudakiyaMayank Dudakiya

97877 silver badges1717 bronze badges

answered Mar 29 at 10:10

Mayank DudakiyaMayank Dudakiya

97877 silver badges1717 bronze badges