Odnowienie co 60 dni poprzez moduł wykorzystujący crona
Odnawia wszystkie certyfikaty, które zbliżają się do wygaśnięcia <= 30 dni do końca. Komendę można wydawać codziennie lub raz na tydzień, można dodać do crona.
# certbot renew
Tylko sprawdza działania –dry-run
# certbot renew --dry-run
Zmiana długości klucza z 2048 na 4096
# certbot renew --rsa-key-size 4096
Saving debug log to /var/log/letsencrypt/letsencrypt.log
——————————————————————————-
Processing /etc/letsencrypt/renewal/revitesite.pl.conf
——————————————————————————-
Cert not due for renewal, but simulating renewal for dry run
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for revitesite.pl
Waiting for verification…
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0001_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0001_csr-certbot.pem
** DRY RUN: simulating 'certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/revitesite.pl/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)
IMPORTANT NOTES:
– Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.