Automated Let's encrypt + Jenkins ssl renewal script with cron

  1. Create the script

    • Create a file named anywhere accessible and enter the code below:
      # change password value to your password
      sudo service apache2 stop || true
      certbot renew || true
      cd /etc/letsencrypt/live/
      rm /var/lib/jenkins/jenkins.jks
      openssl pkcs12 -inkey privkey.pem -in fullchain.pem -export -out keys.pkcs12 -password pass:$SSLPASS || true
      keytool -importkeystore -srcstorepass $SSLPASS -deststorepass $SSLPASS -noprompt -v -srckeystore keys.pkcs12 -srcstoretype pkcs12 -destkeystore /var/lib/jenkins/jenkins.jks || true
      sudo service jenkins restart || true
      sudo service apache2 start || true
  2. Execute the script every month using cron

    • Crontab entry:
      0 1 1 * * ~/ > /var/log/renew-ssl-jenkins.log



Add new comment

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.