You can typically install an SSL certificate by adding a few lines of configuration to the Droplet’s web server, or by using tools that automatically add the configuration for you.
How can I renew Let's Encrypt certificates?
Validated on 12 Nov 2021 • Last edited on 29 Mar 2024
This article discusses how to renew Let’s Encrypt SSL certificates that you have installed on your Droplet. It does not pertain to the Let’s Encrypt certificates that DigitalOcean manages for load balancers.
Let’s Encrypt uses the client Certbot to install, manage, and automatically renew the certificates they provide. In the case where your certificate does not automatically renew on your Droplet, you can manually trigger the renewal at anytime by running:
sudo certbot renew
If you have multiple certificates for different domains and you want to renew a specific certificate, use:
certbot certonly --force-renew -d example.com
The --force-renew
flag tells Certbot to request a new certificate with the same domains as an existing certificate. The -d
flag allows you renew certificates for multiple specific domains.
To verify that the certificate renewed, run:
sudo certbot renew --dry-run
If the command returns no errors, the renewal was successful.
Related Topics
Delete the Let’s Encrypt certificate associated with the domain in your account’s Settings section.
Upgrade your client to support TLSv1.2 or TLSv1.3 for secure MySQL connections.