Renewing an SSL certificate
A renewal will not extend your existing certificate expiration date, it will result in a brand new certificate that must be installed in place of the existing one. Both certificate and private key must be replaced on the server.
There is no way to extend the expiration of an existing certificate.
Checking certificates dates
This command will display the certificates it’s managing, including expiration dates on your Ubuntu Apache Web Server.
sudo certbot certificates
Renewing or Updating SSL Certificate
First of all run this command containing all of your subdomains including root domain and your email address.
sudo certbot --apache --agree-tos --redirect --uir --hsts --staple-ocsp --must-staple -d mywebsite.in,www.mywebsite.in,mail.mywebsite.in --email [email protected]
After this command this prompt will open: (You have to choose 2)
That right. Based on your check and how your server is responding, I think you’re safe. and Now Your Certificate is renewed.
Setup Auto-Renew for LetsEncrypt SSL Certificates Apache
Did you know? Configuring auto-renew for you Let’s Encrypt SSL certificates means your website will always have a valid SSL certificate.
To automatically renew Let’s Encrypt certificate, simply edit root user’s crontab file.
sudo crontab -e
Then add the following line at the bottom.
@daily certbot renew --quiet && systemctl reload apache2
--quiet flag will suppress normal messages.
If you want to receive error messages, then add the following line at the beginning of crontab file.
MAILTO=your-email-address
Restart Apache.
sudo systemctl restart apache2
Know: How to Properly Enable HTTPS on any website.
