Configure certbot: user email and auto-renew

Question

Configure certbot: user email and auto-renew

eskombro opened this issue 4 years ago · 4 comments

Currently, certbot is used to create automatic SSL certificates if the user selects this option. This process needs to specify a user email address and creates a temporary certificate. The way it is handled now raises two main problems:

This script is using a MeiliSearch email address, so the user doesn't get notifications.
The auto-renew process is not handled

When these certificates expire, not only they probably won't be renewed automatically, but the user won't be notified about it.

Answer 1 · 2020-12-17T13:03:11.000Z

Really well explained!
How can we solve this? Can we use the user email address for this?

Answer 2 · 2020-12-17T13:38:42.000Z

I think we should ask indeed for their user email address, and use it.
Need to check if the certbot certificate auto-renew is actually working

Answer 3 · 2020-12-17T13:53:35.000Z

I think DO have auto-renew as default from their images (like it checked twice a day!), not sure if it applies to our own image. Anyway, you can add sudo certbot renew in a cron job. If you want to be sure it's setup for doing it correctly, you can do a dry run sudo certbot renew --dry-run

Answer 4 · 2023-05-09T16:02:41.000Z

Transfer of this issue to the cloud-provider project due to its depreciation