Let's Encrypt Backup
BASH, Let's Encrypt, Certbot
For the majority of clients which I manage websites for, when configuring SSL certificates if the client doesn't have any special requirements I typically opt for Let's Encrypt with Certbot. I choose to use Let's Encrypt for several reasons, first being it's free which when compared to traditional SSL certificates meaning that costs for website owners are reduced. Secondly Let's Encrypt is relatively maintenance free once it is set up and the automated renewals are configured, when compared with other certificates which require a fresh renewal process before the expiry date. Finally, due to the simplicity of setup and that it is free-of-charge, Let's Encrypt is promoting a more secure and private Internet for everyone to use, something which I am a big advocate for.
As part of the installation process, the documentation of Certbot advises that a complete backup of the configuration is regularly taken.
Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal.
After searching online for a solution which would seamlessly the appropriate configuration files, I was unable to locate something which was suitable or fit for purpose. I therefore wrote a small BASH script to allow for easy backup of these files. I wanted to develop a solution which would run on multiple environments without installing additional packages, and would allow configuration to send the files to any location. By making use of this script you could set it up as a cronjob to automatically back up the Let's Encrypt configuration files at set intervals. As you had control over the end location you could also send them to any directory, such as to a remote server, to provide further redundancy.