When do certificates renew?


We’ve started messing about with setting up CertifyTheWeb with RDS gateways (Using PowerShell scripting)

What we’re wondering is, at what time will the certificates renew? Is this based on when the certificate was first issued? It would be quite funky to get calls from our users about the RDS going down midday (when we got our first LE cert) because of a renewal and our amazing PowerShell script :stuck_out_tongue:

I was reading through the 4.1.6 branch code but could not easily figure it out. There were quite many abstractions to go through.


In the current version, scripting just runs when the renewal runs so that can happen at any time of the day as required by the renewal (by default 30 days since the last one, but this can vary if renewal fails due to network conditions etc). Some users script out another script, then scheduled that as a windows scheduled task to run during a maintenance window, as a workaround.

From v5 onwards (currently in beta) scripting is replaced/augmented with Deployment Tasks (https://certifytheweb.com/home/features#deployment_tasks).

These can be deferred (manually run or called from the command line as part of a scheduled task) and they can run as different windows/network users if required (defined in the deployment task settings).

There is also a pre-built RDS Gateway deployment task you could try out (where RDS is running on the same server as Certify), or you can run your own powershell script if you have more sophisticated requirements.

Thank you for the quick response, until v5 we’ll rewrite out PS scripts to fork and wait until midnight for execution.

Stoked for v5, thanks again! :slight_smile:

1 Like