Professor, Designer, Husband, Father, Gamer, Bagpiper

Last year, I posted about setting up a node server on AWS that pulls it's content from github and uses LetsEncrypt for SSL.

Some months later, I noticed I needed to renew my SSL cert's, made obvious by  https connections failing because the cert had expired.  Since it took a little bit of search to remind myself what I needed to do, I thought I'd make a note of it here.

Oops, should have renewed that cert before it expired!

The process turned out to be simple:

  1. Log in and run certbot again.  Because I'd configured it using --manual, most instructions you'd find are wrong (run certbot renew).  Instead, I had to rerun the same command I originally ran: sudo certbot certonly --manual
  2. Take the verification data value provided by certbot, and update my server to return it from the .well-known/acme-challenge url certbot also provided.
  3. Check in the changes, and redeploy the server using npm run redeploy locally.
  4. For good measure, restart the server (using npm run restart locally)
  5. The part that I forgot at first, and took me a while to figure out: restart nginx, since it also has a cached copy of the cert inside it, using sudo service nginx stop and sudo service nginx start

All in all, pretty trivial, but when you only do this every so often, it's hard to remember.  And, for folks doing it for the first time (having used the resources I pointed at in my previous post), I hope this helps.