How to automate cerbot auto renewal for certificates on OEL7

Matrix movie painting character weapon woman male wallpaper | 1920x1200 |  628222 | WallpaperUP

Automating certificates renewal using snapd-cerbot instead of the old cerbot-auto which is getting deprecated.

First Step

Installing snapd on OEL7 or CentOS7

sudo yum install snapd

Once installed, the systemd unit that manages the main snap communication socket needs to be enabled:

sudo systemctl enable --now snapd.socket
sudo systemctl  start snapd
sudo systemctl status snapd
sudo ln -s /var/lib/snapd/snap /snap

Second Setp

Installing cerbot using snapd

sudo snap install --classic certbot

Execute the following instruction on the command line on the machine to ensure that the certbot command can be run.

sudo ln -s /snap/bin/certbot /usr/bin/certbot

Run this command to get a certificate and have Certbot edit your Nginx configuration automatically to serve it, turning on HTTPS access in a single step.

sudo certbot --nginx

Test automatic renewal

The Certbot packages on your system come with a cron job or systemd timer that will renew your certificates automatically before they expire. You will not need to run Certbot again, unless you change your configuration. You can test automatic renewal for your certificates by running this command:

sudo certbot renew --dry-run

The command to renew certbot is installed in one of the following locations:

/etc/crontab/
/etc/cron.*/*
systemctl list-timers

https://certbot.eff.org/lets-encrypt/centosrhel7-nginx
https://snapcraft.io/docs/installing-snap-on-centos