Questions and discussion about web design, search engine optimisation and hosting
-
s
- Posts: 336
- Joined: 2017-7-5 09:58
Unread post
by s » 2025-4-12 04:23
Letsencrypt is no longer sending SSL certificate expiration notices by email. If you are running
certbot on your server, you have no way of knowing if any of your SSL certificates have failed to renew and have stopped working. I made a little script you can run from your
crontab to check if there are currently any expired SSL certificates and send you a notification by email. Please note that this solution does not work on
Digitalocean because they are blocking email ports.
Code: Select all
#!/bin/bash
#
# Notify by email if an SSL certificate has expired
if /usr/bin/certbot certificates 2> /dev/null | grep -q "INVALID"; then
echo "From: \"YOURSERVERNAME\" <root@YOURSERVERNAME>
Subject: ALERT: SSL certificate(s) have expired
Content-Type: text/plain; charset=utf-8
There are expired SSL certificate(s), run sudo certbot certificates to check them.
" | mail YOUREMAILADDRESS
fi
Happy hacking,
Santeri
