https://github.com/toggenation/cert-checker

Recently I created a Cert Expiry Checker so I can be notified when my and my clients SSL certs are 27 days from expiry. What is strange is I got notified that a client on Squarespace has an SSL cert within 27 days of expiry and today one of my own websites alerted that the cert has less than 27 days till expiry.

I can’t do much about about the Squarspace SSL cert as their servers will continue to serve the low in life left cert but I can on my webserver.

So to get Let’s encrypt to reload nginx and thus start serving the recently updated cert:

cd /etc/letsencrypt
cp cli.ini.dpkg-dist cli.ini

Contents of cli.ini Add the deploy-hook line

# Because we are using logrotate for greater flexibility, disable the
# internal certbot logrotation.
max-log-backups = 0
# Adjust interactive output regarding automated renewal
preconfigured-renewal = True

deploy-hook = systemctl reload nginx