Home Server How to renew Let’s Encrypt certificate on Ubuntu

How to renew Let’s Encrypt certificate on Ubuntu

Whether you're a website administrator or a developer, this guide will provide the steps you need to renew your Let's Encrypt certificate and keep your site protected.

by Abraham
renewing the let's encrypt certificate on ubuntu

Access to a reliable and secure online environment is no longer a luxury. Nothing seems impossible now that the internet connects all corners of the globe. The internet and its numerous protocols have spurred the creation of e-learning, video conferencing, gaming, and other platforms that link people from all over the world. Regardless of how much we laud the internet, its legitimacy is meaningless without security.

Let’s Encrypt is a non-profit certificate authority providing free TLS (Transport Layer Security) encryption certificates for various domain names.

Because internet consumers prefer to browse SSL-secured websites (HTTPS) over unsecured websites (HTTP), internet-based apps and platforms must evaluate the authenticity of Let’s Encrypt SSL certificates to keep their reputation.

Let’s Encrypt uses SSL (Secure Sockets Layer) to protect active HTTPS connections against unauthorized data intrusions. In such cases, only the client and server can interact with sent data in an unencrypted manner.

Renewing the Let’s Encrypt certificate on Ubuntu

In this guide, I will illustrate how to renew the Let’s Encrypt certificate on your Ubuntu OS. For illustration purposes, I will be using Ubuntu 22.04.

We shall be using the two methods below to renew the Let’s Encrypt certificate:

  1. Automatically renew the Let’s Encrypt certificate on Ubuntu
  2. Manually renewing the Let’s Encrypt certificate on Ubuntu

Method 1: Automatically renew the Let’s Encrypt certificate on Ubuntu

The client certbot handles the installation, maintenance, and automatic renewal of Let’s Encrypt certificates by default. Before we proceed with this article segment, please confirm that you satisfy the following requirements:

  1. Let’s Encrypt is installed on your Linux machine.
  2. Your Linux server is updated.
  3. DNS records for your domain name are correctly set.
  4. You have a domain name that is registered and operating for your website or web app.

We no longer need to keep track of our SSL certificate’s expiration dates using the auto-renew option. For example, if we want the auto-renewal to occur once a month, we will navigate to the crontab.

sudo crontab -e
open crontab

Open crontab

And append the following information at the bottom of the file.

0 0 1 * * /opt/letsencrypt/letsencrypt-auto renew

A crontab item should also be added to update Let’s Encrypt automatically.

0 0 1 * * cd /opt/letsencrypt && git pull
append the following lines

Append the following lines

That’s it. Your Let’s Encrypt certificate will auto-renew.

Method 2: Manually renew the Let’s Encrypt certificate on Ubuntu

Let’s Encrypt installs, manages, and automatically renews the certificates it provides using the client Certbot. If your certificate does not renew automatically on your OS, you may manually renew it at any time by running the following:

sudo certbot renew

If you have numerous certificates for various domains and wish to renew one of them, use the following:

certbot certonly --force-renew -d fosslinux.com

Note: fosslinux.com has been used as an example of a domain to be registered. Therefore, ensure you input the right domain to avoid random errors.

The –force-renew parameter tells Certbot to seek a new certificate with the exact domains as an existing certificate. The -d parameter allows you to renew certificates for several domains simultaneously.

To ensure that the certificate has been renewed, execute the following:

sudo certbot renew --dry-run

If the command returns no errors, the renewal process is successful.


Renewing your certificate certifies the identification of your website. It ensures that the encryption you utilize is up to date, keeping user data safe while in transit. Let’s Encrypt certificates are supposed to expire every 90 days, although they should be renewed every 60 days. This is done to improve security by reducing the harm caused by a compromised key and promoting automated renewal methods. We have successfully demonstrated how to manually or automatically renew Let’s Encrypt SSL certificates. I hope you found this article tutorial useful. Please leave a remark or feedback. Thanks for reading.

You may also like

Leave a Comment


FOSS Linux is a leading resource for Linux enthusiasts and professionals alike. With a focus on providing the best Linux tutorials, open-source apps, news, and reviews, FOSS Linux is the go-to source for all things Linux. Whether you’re a beginner or an experienced user, FOSS Linux has something for everyone.

Follow Us


©2016-2023 FOSS LINUX



Adblock Detected

Please support us by disabling your AdBlocker extension from your browsers for our website.