- Make sure all your SSL’s have been set up in the SSL Cert Manager and are working
- Access your server as Root user using your preferred method
- Run the below command whereby (/home/folder-name/public_html is your DocumentRoot & your-domain.com is your domain). I circled where you can find your DocumentRoot in red (in image below) in your SSL Cert Manager.
acme.sh --issue -d your-domain.com -w /home/folder-name/public_html
- Copy the issued certs to your default cert folders using the below command
acme.sh --install-cert -d your-domain.com --cert-file /etc/pki/tls/certs/your-domain.com.cert --key-file /etc/pki/tls/private/your-domain.com.key --fullchain-file /etc/pki/tls/certs/your-domain.com.bundle
- Make sure the cron job is set up in Server Settings > CronTab. If it isn’t you can auto create it by running the below command
- Test the cron job is working using the below code (You should see all of your SSL certs successfully renew to 89 days).
You should now have successfully set up CWP/CentOS to auto renew all your SSL’s via the cron job. The below image illustrates that the cron job auto renewed them on my server at 04:51:00.
Hoping this helps someone faced with the same issue and be nice if our admins sees and incorporates a fix in CWP
– If you receive an (Accessing .well-known/acme-challenge/…) error, delete and recreate the .well-known folder ensuring it has the right permissions.
– If you need to do more than 5 auths or issues on the same domain while you’re sorting something out include (–staging) in the command to prevent getting locked out after 5 attempts (this points the request to the Let’s Encrypt sandbox).
– Forced renewal of all certs can be done with this command:
/root/.acme.sh/acme.sh --home /root/.acme.sh/cwp_certs --cron --force
or single domain
/root/.acme.sh/acme.sh --home /root/.acme.sh/cwp_certs --renew -d www.domain.com --force
***Please note: This work around is good with both my servers (CWP6 & CWP7) however as SSL failures can result in complete loss of site access I strongly advise you to have a working backup that you can simply revert back to if it’s not right for you.