Update letsencrypt to certbot on UbuntuUpdate letsencrypt to certbot on Ubuntu

Many people using the Let’s Encrypt GIT package to generate SSL certificates on Ubuntu may not be aware yet that the GIT package letsencrypt has been renamed to certbot and from here on out the certbot package is the one to be using. So here’s how to quickly and easily update letsencrypt to certbot on Ubuntu.

It really is as simple as this.

Download the certbot-auto script

sudo mkdir /opt/certbot
cd /opt/certbot
sudo wget https://dl.eff.org/certbot-auto
sudo chmod a+x certbot-auto

Your old letsencrypt package will still be located in /opt/letsencrypt assuming that is where you cloned it to in the first place so you can remove it.

Thereafter there really is nothing to change except now calling certbot-auto from a different folder which will be /opt/certbot/certbot-auto

cd /opt/certbot
sudo ./certbot-auto (with the rest of your commands and flags)

So your command line to generate a certificate will now look something like this (example only). Read this tutorial about generating SSL certificates manually for using on Apache, Postfix, Dovecot etc.

sudo ./certbot-auto certonly --agree-tos --rsa-key-size 4096 --renew-by-default -m dnsadmin@mydomain.com --webroot /var/www/html/ -d mail.mydomain.com --renew-by-default

You will also need to update your Cron job that handles automatically renewing your certificates and make sure it is using the new folder location.

I also suggest adding the –dry-run flag to the end of your command line while you are learning and testing. This will show you any success or error messages without actually generating a certificate. Once you get a successful message just run it again without –dry-run.

Then it’s also a good idea to setup a Cron job to regularly check for updates to certbot too by running a very simple command line script that does the following.

cd /opt/certbot
sudo git pull

If you were expecting a slightly more complicated solution, sorry but it really is this easy.

To auto update Certbot from a CRON job just do the following in Cron every Monday at 2:30AM

30 2 * * 1 sudo cd /opt/certbot && sudo git pull

Your existing live keys are still stored in the same location so don’t worry about having to re-generate any keys, they are all still safely stored in /etc/letsencrypt/live/

More articles and tutorials regarding the Let’s Ecnrypt free SSL certificates and how to generate and use them without abusing the system will be following soon. If you have any comments, questions or suggestions, leave them below in the comments section.

I also suggest you join the Let’s Encrypt User Community Forums at this link. There are some very knowledgeable and helpful people there and they are normally very quick to respond and help people, they are also a super friendly bunch.

Happy Nixing in the Nixing Bowl !!!

7 thoughts on “Update letsencrypt to certbot on Ubuntu

  1. Pingback: Postfix and Dovecot on Ubuntu with a Lets Encrypt SSL Certificate | Ubuntu 101

  2. Pingback: Postfix and Dovecot on Ubuntu with a Lets Encrypt SSL Certificate

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.