Module 9: Setting Up a Cloud Server
Getting HTTPS working once is not enough. Let’s Encrypt certificates expire quickly by design, so the real deployment milestone is automated renewal, not manual issuance.
That short lifetime is not a flaw. It is the reason the ecosystem can lean so heavily on automation. Instead of treating certificate replacement as an infrequent ceremony people dread, the system pushes you toward a scriptable renewal path that keeps the server current with minimal manual work.
The lesson takes the direct Linux approach: write a renewal script, make it executable, and schedule it with cron. The details in the video are old-school, but the operational idea is still good. Renewal should be repeatable, unattended, and explicit enough that you can audit what it is doing.
The awkward part in the original setup is downtime. Because the certificate tooling and the server stack do not integrate perfectly, the backend may have to stop briefly while the renewal process runs. That is not ideal, but it is better than letting the certificate expire. In a more mature deployment you would try to reduce or eliminate that interruption, yet the basic rule remains: an imperfect automated renewal process is still far better than a perfect manual process nobody remembers to run.
The main thing to preserve from this lesson is the deployment mindset. Security-related operational steps should not live only in your memory. They should live in scripts, scheduled tasks, and configuration that the server can execute predictably.