Skip to content

Instantly share code, notes, and snippets.

Created January 3, 2019 23:01
  • Star 6 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
Automated certbot renew for Mac with launchd (launchctl)

Automatic certbot renew on a Mac

It seems like everyone is using cron for setting up certbot renew on Macs but I couldn't find anyone doing it with launchd. The other file in this Gist is the service file.

The documentation on the Let's Encrypt site actually recommends having it run twice a day (12 hours apart) but I've found that once a day is more than sufficient since if it fails it still has another 29 days to succeed.


For fear of people being lazy and just copy/pasting the whole thing I've removed the Hour and Minute that my script runs at. (Change the CHANGE THIS values) Just choose a random hour and minute of the day, avoid minute "00" just to be kind to Let's Encrypt.


This assumes you've already got your certs and you've installed everything you need. If you can successfully run sudo certbot renew --dry-run then you're good to go and can continue here.

Copy the com.letsencrypt.renew.plist file into /Library/LaunchDaemons/, then

# Ensure the correct permissions and ownership
sudo chmod 644 /Library/LaunchDaemons/com.letsencrypt.renew.plist
sudo chown root:wheel /Library/LaunchDaemons/com.letsencrypt.renew.plist

# Load and start the service as root
sudo launchctl load /Library/LaunchDaemons/com.letsencrypt.renew.plist
sudo launchctl start com.letsencrypt.renew

If it worked there should be no output. To confirm that it worked:

$ sudo launchctl list | grep -i letsencrypt
-       0       com.letsencrypt.renew
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
<plist version="1.0">
<integer>CHANGE THIS (e.g. 4 for 4am)</integer>
<integer>CHANGE THIS (e.g. 33 for the 33rd minute of the hour)</integer>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment