Re: Running "certbot" ffom cron

In reply to: Jerry : "Running "certbot" ffom cron"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Odhiambo Washington <odhiambo_at_gmail.com>
Date: Tue, 11 Feb 2025 21:53:09 UTC

On Wed, Feb 12, 2025 at 12:32 AM Jerry <jerry@seibercom.net> wrote:

> FreeBSD 14.2-RELEASE-p1
> certbot 3.1.0
> Apache/2.4.63 (FreeBSD)
>
> I have the following command in my cron file:
>
>  /usr/local/bin/certbot --apache renew --pre-hook "service dovecot stop"
> --post-hook "service dovecot start"
>
> I have added this to the environment: CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1. I
> also put itI cannot  at the top of my cron file.
>
> The command works perfectly from the command line; however, from cron it
> crashes and produces this error message.
>

If you generated the certificates using certbot --apache, then running
certbot --apache  renew is redundant.
I also don't see the need to stop dovecot then start it during this
process. Dovecot reads the certificate, but I doubt it keeps the validity
period in memory.
So simplify life and just run "certbot -q renew".

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
 In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]