Article Nginx

How to add a renew hook for certbot?

Anwesha Das

18 Aug 2022 • 1 min read

After moving the foss.trainingserver to a new location, we found that TLS certificate was expired. I had looked and figured out that though certbot renewed the certificate, it never reloaded the nginx.

Now to make sure that nginx is reloaded next time, we must add the renew hook in the /etc/letsencrypt/renewal/foss.training.conf under the [renewalparams]

renew_hook = service nginx reload

One must remember to update the path based on their DNS. Thank you Saptak for pointing to the expired certificate and mentioning that it is a common pain point for people. I hope that this will be helpful for people in the future.

Topics

Python: 69 community: 32 PyLadies: 27 System Administration: 22 Free Software: 20 Ansible: 19 Open Source: 18 Conference: 14 red hat: 13 Fedora: 9 Talk: 8 Uncategorized: 7 developers: 7 server: 6 devops: 6 Censorship: 5 Intellectual Property: 5 License: 5 legal: 5 digital rights: 5 Privacy: 5 EFF: 5 Certbot: 5 Ubuntu: 5 Patent: 4 pycon: 4 PSF: 4 fundamental rights: 4 Nginx: 4 linux: 4 networking: 4 FOSSASIA: 3 Micropython: 3 blocking website: 3 HasGeek: 3 pandemic: 3 dgplug: 3 security: 3 PyLadies Stockholm: 3 Microbit: 2 GPL: 2 mistakes: 2 blogging: 2 Ghost: 2 dpglug: 2 Circuit Python: 2 law: 2 data: 2 znc: 2 OpenPGP: 2 GnuPG: 2 CentOS: 2 dns: 2 foss: 2 Getting Started: 1 Information Technology Act: 1 Quid Pro Quo: 1 Brand: 1 International Women's Day: 1 BBC: 1 ESP8266: 1 git: 1 PyPI: 1 Packaging: 1 FSF: 1 GNU: 1 DreamHost: 1 Medical Devices: 1 LCA: 1 Docker: 1 QubesOS: 1 copyleft: 1 Rootconf: 1 AWS: 1 tracing app: 1 internet shutdown: 1 irc: 1 save.org: 1 ICAAN: 1 Internet Society: 1 gnome: 1 patent troll: 1 title 35: 1 selinux: 1 Licenses: 1 Mailvelope: 1 RNP: 1 Thunderbird: 1 Rust: 1 Writefreely: 1 upgrade: 1 debian: 1 apache: 1 ipv4: 1 ipv6': 1 NTS: 1 NTP: 1 tls: 1 Microsoft: 1 kubernetes: 1 vim: 1