From: Ondřej Nový Date: Sat, 2 Jan 2016 17:31:42 +0000 (+0100) Subject: Renew certificate 30 days before expiration X-Git-Tag: v0.1.0~90^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=da2795d34df0135c8284898df994a0fb6be78fca;p=thirdparty%2Fdehydrated.git Renew certificate 30 days before expiration According to https://community.letsencrypt.org/t/quick-start-guide/1631 Renewals and Lifetimes: Certificates from Let's Encrypt are valid for 90 days. We recommend renewing them every 60 days to provide a nice margin of error. --- diff --git a/config.sh.example b/config.sh.example index 6a6f29c..55559d2 100644 --- a/config.sh.example +++ b/config.sh.example @@ -46,8 +46,8 @@ # default: #HOOK= -# Minimum days before expiration to automatically renew certificate (default: 14) -#RENEW_DAYS="14" +# Minimum days before expiration to automatically renew certificate (default: 30) +#RENEW_DAYS="30" # Regenerate private keys instead of just signing new certificates on renewal (default: no) #PRIVATE_KEY_RENEW="no" diff --git a/letsencrypt.sh b/letsencrypt.sh index a21d76f..3002479 100755 --- a/letsencrypt.sh +++ b/letsencrypt.sh @@ -15,7 +15,7 @@ BASEDIR="${SCRIPTDIR}" CA="https://acme-v01.api.letsencrypt.org/directory" LICENSE="https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf" HOOK= -RENEW_DAYS="14" +RENEW_DAYS="30" PRIVATE_KEY= KEYSIZE="4096" WELLKNOWN= diff --git a/test.sh b/test.sh index c40a75f..a818148 100755 --- a/test.sh +++ b/test.sh @@ -100,6 +100,7 @@ mkdir -p .acme-challenges/.well-known/acme-challenge echo 'CA="https://testca.kurz.pw/directory"' > config.sh echo 'LICENSE="https://testca.kurz.pw/terms/v1"' >> config.sh echo 'WELLKNOWN=".acme-challenges/.well-known/acme-challenge"' >> config.sh +echo 'RENEW_DAYS="14"' >> config.sh touch domains.txt # Check if help command is working