Acme.sh: Any hooks available for auto renewal similar to --reloadCmd ?

Created on 11 Aug 2016  ·  14 Comments  ·  Source: acmesh-official/acme.sh

Are there any built-in routines / hooks that allow us to define a command or script to run when a domain goes through and completes the auto renewal cronjob process with acme.sh?

The idea is to send a system-based email on a successful auto renewal run via the acme.sh cronjob.

All 14 comments

I would suggest you use --reloadcmd as a workaround.

acme.sh --issue .....  --reloadcmd "/root/.acme.sh/myreload.sh"

myreload.sh

service nginx reload
echo "$Le_Domain is renewed" | mail -s "$Le_Domain is renewed"   [email protected]

But wouldn't that send an email even if the issuance failed, rather than only when issuance succeeded?

OK, let me think about it. Adding a new hook is a good idea.

BTW, in the current implementation, if the renewal failed, you will get an error message in the cron job. If you set the [email protected] entry, you should get notified.

Thanks. The plan is to use this hook so I can actually send push notifications to mobile/tablet devices with the actual cert's expiry date, and later to add push notification reminders when an SSL cert is near expiring.

@Neilpang the --reloadcmd command doesn't work with the --cron job.
Is there any way to have the list of updated certs, --installcert them, and reload the service (nginx, haproxy, whatever handles SSL) from the cron job?

I'm probably missing something :)

@sclo what do you mean by "doesn't work"?

Give me the debug log:

acme.sh  --cron  --debug 2

@Neilpang sorry for my incomplete comment.
I've tried "acme.sh --cron" (same as default) with --reloadcmd "echo something" --force

But looking at the code, it seems that "$_reloadcmd" is used only for the issue and installcert commands, not for cron.

So I missed something in my workflow (new to letsencrypt and the acme.sh tool here :)).
After auto renewal via cron (and some certs eventually updated), how do I know which ones have been renewed, so that I could "installcert" them and use --reloadcmd for the last one?

How do you update certs and restart the service after auto renewal?

I guess I could maintain an alternate file status from --list --listraw command and use this to update certs and restart service.

Thanks

@sclo
Read this segment:
https://github.com/Neilpang/acme.sh#install-issued-cert-to-apachenginx-etc

Steps:

  1. Issue your cert
  2. Install cert to your server (nginx or apache or any other server) path with --reloadcmd.
  3. The paths (and reloadcmd) are recorded in the domain config file automatically. When the cert is renewed, the server will be reloaded automatically. You don't need to call reloadcmd by yourself in future.

@Neilpang thanks for the help (and the tool)!

To add a --reloadcmd later, if it was not used during --issue or --installcert, you can add it to the $DOMAIN_CONF file (it's the _your.domain.tld_.conf file in the same directory as your certificates):

Le_ReloadCmd="/path/to/your_reload_command"

@mivk
Yes, but it's not recommended to edit the domain conf file directly.
Please use --installcert cmd instead.

The reason why I didn't use it with --installcert is that I want to first have the certificate files installed (in /etc/ssl), and then adapt the configuration of the various services, and check their reloading individually. Only after this initial issue/install/config-changes/manual-reloads, do I want a cron job and automatic reloadcmd.

It would be nice to have the cronjob also accept --reloadcmd.

@mivk The cronjob is never meant to do that.
I meant that it's suggested to use --installcert with only one parameter "--reloadcmd".
Like:

acme.sh --installcert  --reloadcmd  "/root/.acme.sh/myreload.sh"

Then, you can write any code in myreload.sh.
Something like: copying the cert and key files, restarting your webservers, etc.
You can write anything there.

@centminmod

I think you may try those hooks.

https://github.com/Neilpang/acme.sh/issues/282
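
A reload hook along the lines discussed in this thread, as an added example that is not part of the original comments and is not acme.sh code: it reloads only after the installed certificate and the server configuration both check out, and the success message carries the expiry date. Passing the domain and installed certificate path as arguments, the function names, and the TEST_CMD, RELOAD_CMD and NOTIFY_CMD defaults are all assumptions.

```shell
#!/bin/sh
# Added example (not acme.sh code): a script to register with --reloadcmd.
# Assumed invocation: myreload.sh <domain> <installed-cert.pem>
# The three defaults below are assumptions; override them in the environment.
: "${TEST_CMD:=nginx -t}"                     # validates the server config
: "${RELOAD_CMD:=service nginx reload}"       # reload command used in the thread
: "${NOTIFY_CMD:=mail -s acme-renewal root}"  # receives one message on stdin

notify() { printf '%s\n' "$1" | $NOTIFY_CMD; }

# Print the certificate's notAfter date. Fails if the file cannot be parsed
# or the certificate expires within 24 hours (i.e. no fresh cert was installed).
cert_not_after() {
    openssl x509 -noout -checkend 86400 -in "$1" >/dev/null 2>&1 || return 1
    end=$(openssl x509 -noout -enddate -in "$1" 2>/dev/null) || return 1
    printf '%s\n' "${end#notAfter=}"
}

# Reload only when the certificate and the config are both good.
# Every failure path notifies and returns a distinct non-zero status,
# so a "renewed" message is never sent for a broken deployment.
renewal_hook() {
    domain=$1
    cert=$2
    if ! expiry=$(cert_not_after "$cert"); then
        notify "$domain: certificate $cert unreadable or expiring, not reloading"
        return 2
    fi
    if ! $TEST_CMD >/dev/null 2>&1; then
        notify "$domain: config test failed, not reloading"
        return 3
    fi
    if ! $RELOAD_CMD >/dev/null 2>&1; then
        notify "$domain: reload command failed"
        return 4
    fi
    notify "$domain renewed and reloaded, certificate valid until $expiry"
}

# Run the hook only when called with arguments, as a reload command would.
if [ "$#" -gt 0 ]; then
    renewal_hook "$@"
fi
```
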
