Renew certificate 30 days before expiration

According to https://community.letsencrypt.org/t/quick-start-guide/1631
Renewals and Lifetimes:
Certificates from Let's Encrypt are valid for 90 days. We recommend
renewing them every 60 days to provide a nice margin of error.

diff --git a/config.sh.example b/config.sh.example
index 6a6f29c3998b3fd113bd079476544b3d914c778c..55559d2ed049f20d457ba4574d085b04ba99de6c 100644 (file)
--- a/config.sh.example
+++ b/config.sh.example
@@ -46,8 +46,8 @@
 # default: <unset>
 #HOOK=
 
-# Minimum days before expiration to automatically renew certificate (default: 14)
-#RENEW_DAYS="14"
+# Minimum days before expiration to automatically renew certificate (default: 30)
+#RENEW_DAYS="30"
 
 # Regenerate private keys instead of just signing new certificates on renewal (default: no)
 #PRIVATE_KEY_RENEW="no"

diff --git a/letsencrypt.sh b/letsencrypt.sh
index a21d76f9f297254f6158ff53e982fcfc87b001c6..3002479338fbc50ee5ac9e817dce90d822fd611f 100755 (executable)
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -15,7 +15,7 @@ BASEDIR="${SCRIPTDIR}"
 CA="https://acme-v01.api.letsencrypt.org/directory"
 LICENSE="https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"
 HOOK=
-RENEW_DAYS="14"
+RENEW_DAYS="30"
 PRIVATE_KEY=
 KEYSIZE="4096"
 WELLKNOWN=

diff --git a/test.sh b/test.sh
index c40a75fde35ad038fa4ecb7a46f8f4546f43bebf..a818148be1be4ad6442690ab5b0e61e87334f1ac 100755 (executable)
--- a/test.sh
+++ b/test.sh
@@ -100,6 +100,7 @@ mkdir -p .acme-challenges/.well-known/acme-challenge
 echo 'CA="https://testca.kurz.pw/directory"' > config.sh
 echo 'LICENSE="https://testca.kurz.pw/terms/v1"' >> config.sh
 echo 'WELLKNOWN=".acme-challenges/.well-known/acme-challenge"' >> config.sh
+echo 'RENEW_DAYS="14"' >> config.sh
 touch domains.txt
 
 # Check if help command is working