Let's Encrypt Auto Renewal
The bad news is that my server was unreachable yesterday due to a bug in my SSL certificate renewal script. Sorry about that. The good news is, while debugging the issue, I discovered that the functionality for auto-renewal is now built into the letsencrypt
client.
This feature, as simple as typing ./letsencrypt-auto renew
, was added to Let’s Encrypt back in February. Follow the Digital Ocean guide if you need help setting up a cron job, and your certificates will never get outdated again.
Since 2015, before this feature was available, I was using a script dubbed le-renew.sh
provided by Erika Heidi at Digital Ocean. Unfortunately, when the auto-renew was supposed to kick off this month, this script ran into a parsing error:
PluginError((‘There has been an error in parsing the file (%s): %s’, u’/etc/apache2/sites-enabled/roche.io.conf’, u’Syntax error’),)
I only found one other mention of this error through search, which suggested that my whitespace was inconsistent. Regardless, when I checked the guide from Digital Ocean that originally provided the script, they had replaced it with the now standard ./letsencrypt-auto renew
command.
I deleted the old shell script, replaced it with that command, and my free SSL cert was working perfectly again. No other changes necessary.
My thanks to the Let’s Encrypt team. Less dependencies, less problems.