py37-certbot question

Odhiambo Washington odhiambo at
Fri Sep 11 06:59:32 UTC 2020

On Fri, 11 Sep 2020 at 00:48, Valeri Galtsev <galtsev at>

> Dear Experts,
> I hope, someone knows details of python3 based certbot. Namely, if run
> with "update" command, it updated certificates that will expire "soon".
> How soon, it doesn't say in man page, just soon. Does someone know how
> close to expiration cert should be to be considered by the script for
> renewal.
> I use certbot since its python 2 version - for quite some time actually
> to renew LetsEncrypt certificates. With python2 version in the past I
> run cron job daily and I was restarting apache from that same script if
> certificate was updated. With python3 version when I switched to it I
> followed somebody's HOWTO, and just added to /etc/periodic.conf:
> weekly_certbot_enable="YES"
> weekly_certbot_service="apache24"
> And was living happily ever since. However, one of the machines is about
> 4 days before expiration, Letsencrypt sent me notification: update cert.
> I checked, and crond is runnning, /etc/periodic.conf is as expected, and
> now, 4 days before expiration script (with --dry run flag) indeed goes
> about renewing the cert. There is one weekly cron jobs set that will
> happen before actual expiration of my certs, so I somehow think all is
> OK and my cert will be renewed.
> But I am just curios how many days before expiration certbot does renew
> certificate that will expire "soon".
> Or should I probably switch it over to daily cron job?
> As every lazy sysadmin, I do prefer to set things up so they definitely
> work without my attention. And I do not want to be reminded to do
> something it it will still happen on its own. So, switch to daily cron job?

You could use this:

<>I have been using it on my
systems for 4 years.

Best regards,
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", grep ^[^#] :-)

More information about the freebsd-questions mailing list