Renewval of certificates is very easy. It can be done with downtime of a few seconds. You can use the
# cd letsencrypt ~/letsencrypt # service nginx stop ; ./letsencrypt-auto renew --agree-tos ; service nginx startStopping nginx. Waiting for PIDS: 49941. Checking for new version... Requesting root privileges to run letsencrypt... /root/.local/share/letsencrypt/bin/letsencrypt --no-self-upgrade renew --agree-tos Processing /etc/letsencrypt/renewal/www.share.com.conf new certificate deployed without reload, fullchain is .../www.share.com/fullchain.pem The following certs are not due for renewal yet: /etc/letsencrypt/live/w123.share.com/fullchain.pem (skipped) Congratulations, all renewals succeeded. The following certs have been renewed: /etc/letsencrypt/live/www.share.com/fullchain.pem (success) Performing sanity check on nginx configuration: nginx: the configuration file ..../nginx/nginx.conf syntax is ok nginx: configuration file ..../nginx/nginx.conf test is successful Starting nginx.