[sh] certwatch cron implementation for letsencrypt certificates
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.



Independent certwatch cron script for letsencrypt certificates.

See also: nginx-certwatch

This was mainly built as I am using nginx and the normal /etc/cron.daily/certwatch script is not picking up the SSL certificates in my vhosts as it relies on apache and quits if it is not found:

test -x /etc/httpd/modules/libmodnss.so || return 0
# and
test -r /etc/httpd/conf/httpd.conf    || return 0

Add this shell script to your crontab (or copy it to /etc/cron.daily/) to be notified via email when your certificates reach expiry. The default behavior (without arguments) is to notify the root user, once the certificates will expire in 30 days or less.


All command line arguments are optional and if not specified, the default values are used.

$ letsencrypt-watch [--period=30] [--email=user@mail.tld] [--path=/etc/letsencryt]

 --period=XX       specify period in days to check for (Default: 30)
 --email=root      specify email to send notifications if period expires (Default: root)
 --path=/etc/path  specify letsencrypt base path (Default: /etc/letsencrypt) 


Put the following example in your cron daily and replace the email with your own.

@daily /path/to/letsencrypt-watch --email=cytopia@everythingcli.org


0 0 * * * /path/to/letsencrypt-watch --email=cytopia@everythingcli.org