I am currently self hosting this ghost blog and that means from time to time I need to perform maintenance and utility updates.

Most of the time this is a hands off approach as ghost has a command line interface tools that leverage cronjobs to update the SSL certificates which is the important part of this update.

However my ghost installation SSL certificate through letsencrypt is from the original 1.X version of the letsencrypt ACME api interface which is legacy and no longer works when I tried to run my cronjob that will automatically renew my SSL certificate.  This only happened to me as I am using an upgraded original installation of Ghost prior to 1.0 (the latest Ghost installation I just completed was to 3.0), so I have legacy url and code implementations that have remained in place and need updates to the latest API versions and techniques.

  • First install from git the latest acme.sh shell script
git clone https://github.com/Neilpang/acme.sh.git
./acme.sh --install
Neilpang/acme.sh
A pure Unix shell script implementing ACME client protocol - Neilpang/acme.sh
  • Install socat, it was missing on my server
sudo apt-get install socat
  • Force update of the SSL letsencrypt certificate and follow the prompts
sudo "/etc/letsencrypt"/acme.sh --cron --home "/etc/letsencrypt" --debug --force