我对certbot具有以下续订配置:
# Options used in the renewal process
[renewalparams]
authenticator = webroot
account = ***
webroot_path = /home/whoever/website/public,
server = https://acme-v02.api.letsencrypt.org/directory
[[webroot_map]]
我已经安排了crontab
中的任务来每天检查续订:
0 3 * * * certbot renew --post-hook "systemctl restart nginx"
我要在续订时重新启动Nginx,但是systemctl reload nginx
或systemctl reload-or-restart nginx
呢?以下哪项是使用Nginx处理证书续订的理想方式? 我什至需要重启nginx来获取/使用新证书吗?