Auto renewal Let's Encrypt SSL certificate
- Category: Computer related
- Last Updated: Wednesday, 06 April 2016 16:28
- Published: Monday, 28 March 2016 15:17
- Written by sam
I use a Let's Encrypt SSL certificate for my website boredom.gotdns.com.
I try to use a script to auto-renew it when fewer than 30 days remain.
The sample script is below.
#!/bin/bash
# Check expiration and renew the Let's Encrypt SSL certificate.
# Note: there are no sanity checks (e.g. that the files exist), so take care.
# Sam

# Renew when this many days or fewer remain
DAYS=60
SSLNAME="cert.pem"
SSLLOCATION="/etc/letsencrypt/live/boredom.gotdns.com"
SSLFILE="${SSLLOCATION}/${SSLNAME}"
LETSENCRYPTLOCATION="/root/.local/share/letsencrypt/bin/"
LETSENCRYPTEXE="letsencrypt"
LETEXE="${LETSENCRYPTLOCATION}/${LETSENCRYPTEXE}"
SUBJECT="Boredom SSL renew"
EMAIL="samATmyla.gotdns.com"
# Report file: created with mktemp instead of a fixed /tmp name, because this
# script runs as root and a predictable path in /tmp can be pre-created by others
CONTENT="$(mktemp)" || exit 1
trap 'rm -f "$CONTENT"' EXIT

# Set EXP to the number of whole days until the certificate expires
get_days_left() {
    local f1 f2
    f1=$(date -d "$(openssl x509 -in "$SSLFILE" -noout -enddate | cut -d= -f2)" +%s)
    f2=$(date +%s)
    EXP=$(( (f1 - f2) / 86400 ))
}

get_days_left
BEFORE_DAY=$EXP
if [ "$EXP" -gt "$DAYS" ]; then
    echo "Not time to renew"
    echo "Left Days: $EXP"
else
    echo "Need And Exe" > "$CONTENT"
    "$LETEXE" --renew certonly --webroot -w /www/boredom.gotdns.com -d boredom.gotdns.com
    get_days_left
    if [ "$EXP" -le "$BEFORE_DAY" ]; then
        # The expiry date did not move forward, so the renewal failed
        echo "Error Renewal" >> "$CONTENT"
    else
        service nginx restart
        echo "Left Days After Renew: $EXP" >> "$CONTENT"
        lsof -i :443 >> "$CONTENT"
        service nginx status | grep Active: >> "$CONTENT"
    fi
fi

# Mail the report only if something was written to it
if [ -s "$CONTENT" ]; then
    mail -s "$SUBJECT" -aFROM:"$EMAIL" "$EMAIL" < "$CONTENT"
fi
Then add the script to your crontab.
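The script's header comment warns that it does no sanity checks. As an added example (not the author's code), here is the same expiry check with those checks in place, so that an unreadable file or unparsable certificate yields an explicit error instead of an empty day count. The function names enddate_to_days and cert_action are hypothetical; GNU date and the openssl CLI are assumed, as in the script above.

```shell
#!/bin/bash
# Added example, not the author's script. Assumes GNU date and the openssl CLI.

# Whole days between "now" and an `openssl x509 -noout -enddate` output line.
# $1 = line such as "notAfter=Jan 31 00:00:00 2016 GMT"
# $2 = current time as epoch seconds (optional, defaults to the clock)
enddate_to_days() (
    case "$1" in
        notAfter=*) ;;
        *) echo "unexpected openssl output" >&2; return 2 ;;
    esac
    now="${2:-$(date +%s)}"
    end=$(date -u -d "${1#notAfter=}" +%s 2>/dev/null) || return 2
    echo $(( (end - now) / 86400 ))
)

# Prints "ok" or "renew". On any failed check prints "error: ..." and
# returns 2, so a cron wrapper can alert instead of comparing an empty value.
# $1 = certificate file, $2 = threshold in days, $3 = now (epoch, optional)
cert_action() (
    [ -r "$1" ] || { echo "error: cannot read $1"; return 2; }
    case "$2" in
        ''|*[!0-9]*) echo "error: bad threshold"; return 2 ;;
    esac
    line=$(openssl x509 -in "$1" -noout -enddate 2>/dev/null) \
        || { echo "error: not a certificate"; return 2; }
    days=$(enddate_to_days "$line" "$3") || { echo "error: bad date"; return 2; }
    # An already expired certificate gives a value <= 0 and is also renewed
    if [ "$days" -le "$2" ]; then echo "renew"; else echo "ok"; fi
)

# Run only when called with arguments, e.g.: check.sh /path/to/cert.pem 30
if [ "$#" -ge 2 ]; then
    cert_action "$1" "$2"
fi
```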