If you have a straight forward set-up you should be able to set up a simple cron job that runs certbot renew twice a day.
Alternatively you could set up your own script to check whether you are nearing expiry, then set it to email you on failure - or just get the script to fail if you have cron to email the server admin on failure of any cron jobs. In this case you could use something like this:
#!/bin/bash
# Read the domain from user input or set it as a variable
domain="elixirforum.com" # Replace with your domain or pass it as an argument
# Path to the certificate file
cert_file="/etc/letsencrypt/live/$domain/fullchain.pem"
# Check if the certificate file exists
if [[ ! -f "$cert_file" ]]; then
echo "Certificate file not found: $cert_file"
exit 1 # Fail with a non-zero exit code
fi
# Extract the expiration date of the certificate
expires=$(openssl x509 -enddate -noout -in "$cert_file" | cut -d= -f2)
# Convert the expiration date to a timestamp
expires_timestamp=$(date -d "$expires" +%s)
# Get the current timestamp
current_timestamp=$(date +%s)
# Calculate the number of seconds in two weeks (14 days)
two_weeks=$((14 * 24 * 60 * 60))
# Check if the certificate expires in less than two weeks
if [[ $((expires_timestamp - current_timestamp)) -lt $two_weeks ]]; then
echo "The SSL certificate for $domain expires on $expires. Please renew it soon!"
exit 1 # Fail with a non-zero exit code
fi
# If everything is fine, exit with success
exit 0
Please note this is untested! I used DeepSeek to help me convert parts of my old Ruby script to Bash.
