sudo systemctl stop nginx sudo docker run --rm -it -p80:80 -p443:443 -v "/etc/letsencrypt:/etc/letsencrypt" -v "/var/lib/letsencrypt:/var/lib/letsencrypt" certbot/certbot certonly --expand --standalone -d yolo.iix.se sudo systemctl start nginx
Extending the certificate to also cover www.iix.se sudo certbot certonly --standalone -d iix.se,www.iix.se,monit.iix.se,test.iix.se Sat Nov 04 11:14 W44 Saving debug log to /var/log/letsencrypt/letsencrypt.log Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org ------------------------------------------------------------------------------- You have an existing certificate that contains a portion of the domains you requested (ref: /etc/letsencrypt/renewal/iix.se.conf) It contains these names: iix.se, monit.iix.se, test.iix.se You requested these names for the new certificate: iix.se, www.iix.se, monit.iix.se, test.iix.se. Do you want to expand and replace this existing certificate with the new certificate?...
Crontab for renewal # m h dom mon dow command 15 3 * * * certbot renew --quiet --no-self-upgrade --pre-hook "systemctl stop nginx.service" --post-hook "systemctl start nginx.service" Docker alternative Note that if you run certbot in docker, you cannot use the –pre-hook and –post-hook as the other services cannot be changed through the docker container. Instead, you should create a script file, where you run the –pre-hook before the command and –post-hook afterwards...