Last year, I posted about setting up a node server on AWS that pulls it's content from github and uses LetsEncrypt for SSL.
Some months later, I noticed I needed to renew my SSL cert's, made obvious by https connections failing because the cert had expired. Since it took a little bit of search to remind myself what I needed to do, I thought I'd make a note of it here.
The process turned out to be simple:
- Log in and run certbot again. Because I'd configured it using
--manual, most instructions you'd find are wrong (run
certbot renew). Instead, I had to rerun the same command I originally ran:
sudo certbot certonly --manual
- Take the verification data value provided by certbot, and update my server to return it from the
.well-known/acme-challengeurl certbot also provided.
- Check in the changes, and redeploy the server using
npm run redeploylocally.
- For good measure, restart the server (using
npm run restartlocally)
- The part that I forgot at first, and took me a while to figure out: restart nginx, since it also has a cached copy of the cert inside it, using
sudo service nginx stopand
sudo service nginx start
All in all, pretty trivial, but when you only do this every so often, it's hard to remember. And, for folks doing it for the first time (having used the resources I pointed at in my previous post), I hope this helps.