Renew Let’s Encrypt SSL certificate

Here is how to test, renew or force renew your SSL certificate.

The Certbot packages on your system come with a cron job or systemd timer that will renew your certificates automatically before they expire. You will not need to run Certbot again, unless you change your configuration.

Run the following command to test:

sudo certbot renew --dry-run

If everything is alright, you should see the following:

Congratulations, all simulated renewals succeeded:

/etc/letsencrypt/live/<your domain>/fullchain.pem (success)

Note: Above you see, where your certificates are stored.

Renew certificates (with force)

With the following command, you can force certbot to renew all the existing certificates.

sudo certbot renew --force-renewal