Automatic update of certificate

Hi Guys,

I followed the instructions at and successfully set up encryption and have an icon showing the number of days left before expiry.

In my configuration.yaml file I have the following:

  - alias: 'Auto Renew SSL Cert'
      platform: numeric_state
      entity_id: sensor.ssl_cert_expiry
      below: 29
      service: shell_command.renew_ssl    

Since I was sure I was a TWO RULE person, I then had the following:

renew_ssl: ~/certbot/certbot-auto renew --quiet --no-self-upgrade --standalone --preferred-challenges http-01

It now shows that my expiry is down to 13 days, so obviously something hasn’t worked, so I thought that I might be a ONE RULE person, so when I did the recent update, I also changed my configuration to the following:

renew_ssl: ~/certbot/certbot-auto renew --quiet --no-self-upgrade --standalone --preferred-challenges tls-sni-01 --tls-sni-01-port 8123 --pre-hook "sudo systemctl stop [email protected]" --post-hook "sudo systemctl start [email protected]"

I did the update to Hassbian, then changed the line in Configuration.yaml. After making the change, I did a restart of the services but my tile is still showing 13 days to expiry. I then did a restart of my Raspberry PI and still no effect.

Before I do a manual update as per the instructions on that web page, I would like to work out what’s going wrong so I don’t have to do a manual update every 90 days.

Any help would be appreciated.

What port forwards do you have? I am not sure if you have ot have 80 forwarded to do a renewal.

def need 80 forwarded for a http challenge

I have Port 80 and 443 forward, as this is how it ended up after following the instructions above.

The above is a screenshot from my Fritz!Box

Hi guys,

Any ideas?

Edit: I manually ran the command as per the instructions on the above link and it still shows as 8 days remaining. The screenshot shows me doing the HA update, then doing the manual certificate renewal.

EDIT: The next day the icon shows 89 days so it must take a while for it to update. I would still like to know why automatic updating isn’t taking effect. Is it because once it’s below 30 days (ie on the 29th day before end) it only checks and does the update, so if it’s wrong it doesn’t keep checking each day if the conf file is updated??