This article discusses how to renew Let’s Encrypt SSL certificates that you have installed on your Droplet. It does not pertain to the Let’s Encrypt certificates that DigitalOcean manages for load balancers.
Let’s Encrypt uses the client Certbot to install, manage, and automatically renew the certificates they provide. In the case where your certificate does not automatically renew on your Droplet, you can manually trigger the renewal at anytime by running:
sudo certbot renew
If you have multiple certificates for different domains and you want to renew a specific certificate, use:
certbot certonly --force-renew -d example.com
--force-renew flag tells Certbot to request a new certificate with the same domains as an existing certificate. The
-d flag allows you renew certificates for multiple specific domains.
To verify that the certificate renewed, run:
sudo certbot renew --dry-run
If the command returns no errors, the renewal was successful.