Let's Encrypt
Trond Endrestøl
trond.endrestol at ximalas.info
Mon Sep 9 10:13:14 UTC 2019
On Mon, 9 Sep 2019 16:06+0700, Victor Sudakov wrote:
> The majority is for py-certbot, so I'll probably use it. Thank you.
I have found it prudent to run certbot twice a month from cron(8),
just to be safe.
Last year, I had one case where the certificate expired a few hours
before the next run of certbot. Had I run certbot on the 1st and on
the 15th day of each month, then the certificates would have been
updated ahead of their expiration.
E.g.:
#minute hour mday month wday who command
52 4 1 * * root certbot renew --quiet --pre-hook "service apache24 stop" --post-hook "service apache24 start"
52 1 15 * * root certbot renew --quiet --pre-hook "service apache24 stop" --post-hook "service apache24 start"
--
Trond.
More information about the freebsd-security
mailing list