How can I renew Let's Encrypt certificates?

This article discusses how to renew Let’s Encrypt SSL certificates that you have installed on your Droplet. It does not pertain to the Let’s Encrypt certificates that DigitalOcean manages for load balancers.

Let’s Encrypt uses the client Certbot to install, manage, and automatically renew the certificates they provide. In the case where your certificate does not automatically renew on your Droplet, you can manually trigger the renewal at anytime by running:

sudo certbot renew

If you have multiple certificates for different domains and you want to renew a specific certificate, use:

certbot certonly --force-renew -d example.com

The --force-renew flag tells Certbot to request a new certificate with the same domains as an existing certificate. The -d flag allows you renew certificates for multiple specific domains.

To verify that the certificate renewed, run:

sudo certbot renew --dry-run

If the command returns no errors, the renewal was successful.

There are a few ways to install an SSL on your Droplet, depending on where you get the certificate from.
Click “Lost your password?” in the login page.
You can install cPanel and WHM on CentOS Droplets.