Dimension 35C

SSL Certificate Renewal on dev.belle-academy.at

SHUBHAM MEHRA's photo
SHUBHAM MEHRA
·

2 min read

SSL certificates are essential for securing your website's communication and ensuring the trustworthiness of your online presence. To renew an SSL certificate on the Belle-M server, you can follow these steps. It's important to note that there is a weekly cronjob in place to automatically check and renew the certificate, so manual renewal may not always be necessary.

Prerequisites

Before proceeding with the SSL certificate renewal process, ensure you have the following:

  1. Access to Belle-M Server: You should have SSH access to the Belle-M server.

  2. sudo Privileges: Ensure that you have sudo privileges on the server.

  3. Domain/Subdomain Control: You should have control over the domain or subdomain for which you want to renew the SSL certificate.

  4. Public IP of EC2 Instance: Know the public IP address of the EC2 instance where your web server (e.g., Nginx) is hosted.

Steps to Renew SSL Certificate

1. Update DNS Records

To ensure your domain/subdomain is correctly pointed to your server's public IP address, follow these steps:

  • Log in to your domain registrar or DNS hosting provider's control panel.

  • Locate the DNS settings or DNS management section.

  • Update the A and AAAA records for your domain/subdomain, pointing them to the public IP address of your EC2 instance. This step may vary depending on your DNS hosting provider's interface.

2. Renew the SSL Certificate

On Belle-M server, use Certbot to renew the SSL certificate for your domain/subdomain by running the following command:

sudo certbot renew

Certbot will check the status of your certificate and renew it if it's within 30 days of expiration. If the certificate is not due for renewal, this command will have no effect.

3. Restart Nginx

After renewing the SSL certificate, restart the Nginx web server to apply the changes:

sudo systemctl restart nginx

This command will gracefully restart Nginx without causing any downtime for your website.

Automatic Weekly Renewal

As mentioned in the note, there is a cronjob running every week to automatically check and renew your SSL certificate if it's close to expiration. You don't need to manually renew the certificate unless you encounter issues with the automatic renewal process or need to make immediate changes.

To check the status of the cronjob and view its configuration, you can use the crontab command. For example:

crontab -l

This command will list the scheduled cronjobs, and you should see the Certbot renewal command in the list.

By following these steps, you can successfully renew your SSL certificate on the Belle-M server, ensuring the security of your website's communication.