Certbot does not force Apache2 to read newly generated certificates

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












System: GNU/Linux Debian 9.5 headless.



Situation & Question



I have just caught the Let's Encrypt Certbot to re-generate the SSL certificate but did not reload Apache2. This has resulted in a half-day not functioning domain. I want to automate this. How to go about it?





This is my current Certbot CRON file /etc/cron.d/certbot:



# /etc/cron.d/certbot: crontab entries for the certbot package
#
# Upstream recommends attempting renewal twice a day
#
# Eventually, this will be an opportunity to validate certificates
# haven't been revoked, etc. Renewal will only occur if expiration
# is within 30 days.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

0 */12 * * * root test -x /usr/bin/certbot -a ! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew





ssl certificates certbot






share

























    up vote
    0
    down vote

    favorite












    System: GNU/Linux Debian 9.5 headless.



    Situation & Question



    I have just caught the Let's Encrypt Certbot to re-generate the SSL certificate but did not reload Apache2. This has resulted in a half-day not functioning domain. I want to automate this. How to go about it?





    This is my current Certbot CRON file /etc/cron.d/certbot:



    # /etc/cron.d/certbot: crontab entries for the certbot package
    #
    # Upstream recommends attempting renewal twice a day
    #
    # Eventually, this will be an opportunity to validate certificates
    # haven't been revoked, etc. Renewal will only occur if expiration
    # is within 30 days.
    SHELL=/bin/sh
    PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

    0 */12 * * * root test -x /usr/bin/certbot -a ! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew





    ssl certificates certbot






    share























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      System: GNU/Linux Debian 9.5 headless.



      Situation & Question



      I have just caught the Let's Encrypt Certbot to re-generate the SSL certificate but did not reload Apache2. This has resulted in a half-day not functioning domain. I want to automate this. How to go about it?





      This is my current Certbot CRON file /etc/cron.d/certbot:



      # /etc/cron.d/certbot: crontab entries for the certbot package
      #
      # Upstream recommends attempting renewal twice a day
      #
      # Eventually, this will be an opportunity to validate certificates
      # haven't been revoked, etc. Renewal will only occur if expiration
      # is within 30 days.
      SHELL=/bin/sh
      PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

      0 */12 * * * root test -x /usr/bin/certbot -a ! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew





      ssl certificates certbot






      share













      System: GNU/Linux Debian 9.5 headless.



      Situation & Question



      I have just caught the Let's Encrypt Certbot to re-generate the SSL certificate but did not reload Apache2. This has resulted in a half-day not functioning domain. I want to automate this. How to go about it?





      This is my current Certbot CRON file /etc/cron.d/certbot:



      # /etc/cron.d/certbot: crontab entries for the certbot package
      #
      # Upstream recommends attempting renewal twice a day
      #
      # Eventually, this will be an opportunity to validate certificates
      # haven't been revoked, etc. Renewal will only occur if expiration
      # is within 30 days.
      SHELL=/bin/sh
      PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

      0 */12 * * * root test -x /usr/bin/certbot -a ! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew





      ssl certificates certbot




      ssl certificates certbot





      share












      share










      share



      share










      asked 1 min ago









      Vlastimil

      7,0001152125




      7,0001152125




















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          0
          down vote















          This can be simply accomplished by adding:



          && apachectl -k graceful


          to the daily Certbot command.



          This way, twice a day:



          • The certificates will get checked for expiration and if expired, then they'll get renewed.


          • Apache will get reloaded. Apache will advise its threads to exit when idle, and then apache reloads the configuration.





          share




















            Your Answer







            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "106"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            convertImagesToLinks: false,
            noModals: false,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













             

            draft saved


            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f478195%2fcertbot-does-not-force-apache2-to-read-newly-generated-certificates%23new-answer', 'question_page');

            );

            Post as a guest

















            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            0
            down vote















            This can be simply accomplished by adding:



            && apachectl -k graceful


            to the daily Certbot command.



            This way, twice a day:



            • The certificates will get checked for expiration and if expired, then they'll get renewed.


            • Apache will get reloaded. Apache will advise its threads to exit when idle, and then apache reloads the configuration.





            share
























              up vote
              0
              down vote















              This can be simply accomplished by adding:



              && apachectl -k graceful


              to the daily Certbot command.



              This way, twice a day:



              • The certificates will get checked for expiration and if expired, then they'll get renewed.


              • Apache will get reloaded. Apache will advise its threads to exit when idle, and then apache reloads the configuration.





              share






















                up vote
                0
                down vote










                up vote
                0
                down vote











                This can be simply accomplished by adding:



                && apachectl -k graceful


                to the daily Certbot command.



                This way, twice a day:



                • The certificates will get checked for expiration and if expired, then they'll get renewed.


                • Apache will get reloaded. Apache will advise its threads to exit when idle, and then apache reloads the configuration.





                share














                This can be simply accomplished by adding:



                && apachectl -k graceful


                to the daily Certbot command.



                This way, twice a day:



                • The certificates will get checked for expiration and if expired, then they'll get renewed.


                • Apache will get reloaded. Apache will advise its threads to exit when idle, and then apache reloads the configuration.






                share











                share


                share










                answered 1 min ago









                Vlastimil

                7,0001152125




                7,0001152125



























                     

                    draft saved


                    draft discarded















































                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f478195%2fcertbot-does-not-force-apache2-to-read-newly-generated-certificates%23new-answer', 'question_page');

                    );

                    Post as a guest
































































                    -

                    Popular posts from this blog

                    How to check contact read email or not when send email to Individual?

                    Image
                    Clash Royale CLAN TAG #URR8PPP up vote 1 down vote favorite I'm using WordPress 4.9.8, CiviCRM to 5.5.1, I usually send email to contact by Search> Find contacts View contact details Action> Send email Send email ok, Contact received mail ok like picture But status only Email sent though contact read email or not. So, can CiviCRM can change status to Email read when contact read email? wordpress email share | improve this question asked Sep 26 at 0:12 ToanLuong 49 9 add a comment  |  up vote 1 down vote favorite I'm using WordPress 4.9.8, CiviCRM to 5.5.1, I usually send email to contact by Search> Find contacts View contact details Action> Send email Send email ok, Contact received mail ok like picture But status only Email sent though contact read email or not. So, can CiviCRM can change status to Email read when contact read email? wordpress email share | improve this questi...
                    Read more

                    Christian Cage

                    Image
                    Christian Cage Christian in March 2015 Birth name William Jason Reso Born ( 1973-11-30 ) November 30, 1973 (age 45) Kitchener, Ontario, Canada Residence Tampa, Florida, United States Spouse(s) Denise Hartmann ( m.   2001 ) Children 1 Professional wrestling career Ring name(s) Christian [1] Christian Cage [2] Conquistador Dos [3] Male Nurse [4] Billed height 6 ft 1 in (1.85 m) [1] Billed weight 212 lb (96 kg) [1] Billed from Tampa, Florida (WM18, TNA) Toronto, Ontario, Canada [1] Trained by Dory Funk Jr. [2] Ron Hutchison [5] Debut 1995 [5] Retired 2014 [6] William Jason Reso (born November 30, 1973) is a Canadian actor, podcaster and retired professional wrestler best known for his time in WWE under the ring name Christian , a shortened version of his original ring name Christian Cage that was also used during his tenure in Total Nonstop Action Wrestling (TNA). Reso was trained by former professional wrestlers Ron Hutchison and Dory Funk Jr. and m...
                    Read more

                    How to properly install USB display driver for Fresco Logic FL2000DX on Ubuntu?

                    Image
                    Clash Royale CLAN TAG #URR8PPP up vote 4 down vote favorite 1 I need to connect additional monitors on my computer and I get Fresco Logic FL2000DX USB display adapters. This adapters works perfect on Windows but I need to use on my development machine based on Ubuntu 16.04. I find this on git hub: https://github.com/fresco-fl2000/fl2000 and try to install it but installation fail. Can anyone help me regarding this? Thanks! ubuntu drivers display-settings proprietary-drivers share | improve this question asked Aug 16 '17 at 16:42 Ivijan Stefan Stipić 142 1 6 add a comment  |  up vote 4 down vote favorite 1 I need to connect additional monitors on my computer and I get Fresco Logic FL2000DX USB display adapters. This adapters works perfect on Windows but I need to use on my development machine based on Ubuntu 16.04. I find this on git hub: https://github.com/fresco-fl2000/fl2000 and ...
                    Read more