@Lomeli12
Last active January 1, 2017 10:27
My little script for renewing all my certs.
# NOTE!: This script assumes you're using ACME.SH by Neilpang
# to handle Let’s Encrypt certs and that, like me, it isn't playing
# nicely with Apache2 on CentOS 7.
#
# !! THIS IS NOT A CATCHALL RENEWAL SCRIPT !!
# !! IF YOU PLAN ON USING IT, MAKE SURE TO GO OVER IT AND MAKE !!
# !! NECESSARY CHANGES UNLESS YOU LIKE EVERYTHING BREAKING !!
#
# Remember to replace all instances of "service httpd restart" with
# whatever command you use to restart apache and change CONFIGPATH
# to the path to apache's config file
#
# Run this script as root
#
CONFIGPATH="/etc/httpd/conf/httpd.conf"
echo "Checking for acme.sh"
if [ ! -d "acme.sh" ]; then
    echo "Getting acme.sh"
    git clone https://github.com/Neilpang/acme.sh
    # This script runs as root: keep the clone writable by its owner only
    chmod -R 700 acme.sh
fi
echo "Preparing to create backups..."
if [ ! -d "backup" ]; then
    echo "Creating backup folder"
    mkdir backup
    # Backups hold the server config: owner-only access
    chmod 700 backup
fi
echo "Checking for existing configs"
timestamp=$(date +%Y-%m-%d_%H-%M-%S)
madebackup=False
if [ -e "$CONFIGPATH" ]; then
    echo "Creating backup of config as $timestamp.conf"
    cp "$CONFIGPATH" "backup/$timestamp.conf"
    madebackup=True
fi
echo "Using non-ssl config..."
# Edit httpd.conf.http to just be a non-ssl version of your existing conf
cp -f httpd.conf.http "$CONFIGPATH"
# printf handles the newline the same way in every shell
printf '\nRestarting apache...\n'
service httpd restart
echo "Beginning acme renewal"
# Put all certs you're going to renew here
# Use the following command for each cert you plan to renew
# acme.sh/acme.sh --renew -d example.com -d www.example.com --force
# Go to https://github.com/Neilpang/acme.sh/wiki for more info
# Compare the flag's value; a bare word inside [ ] is always true
if [ "$madebackup" = "True" ]; then
    echo "Restoring old apache configs"
    cp -f "backup/$timestamp.conf" "$CONFIGPATH"
    printf '\nRestarting apache\n'
    service httpd restart
fi
echo "Cleaning up acme.sh"
rm -rf acme.sh