Auto-renew SSL Certs in Seconds: Meet httpsok

If you’ve ever managed an Nginx server with HTTPS, you know the pain of SSL certificate renewal. Miss a renewal and your site goes from “secure” to “scary” in an instant. Even with Let’s Encrypt and certbot, automating the process for Nginx can be fiddly — especially when you need to reload or reconfigure your server after renewal.

Enter httpsok — a lightweight tool that claims to handle SSL certificate auto-renewal in under a minute, and automatically tell Nginx about it. No cron jobs, no manual reloads, no surprises.

Let’s take a quick look.

What It Does

httpsok is a simple command-line tool that:

• Monitors your SSL certificates (by default from Let’s Encrypt or any ACME provider).
• Automatically renews them before they expire.
• Updates your Nginx configuration without needing a manual reload.

The magic is in the “automatic Nginx detection” — it watches your running Nginx processes, finds the right configuration files, and reloads them only when the certificate changes. No downtime, no extra work.

Under the hood, it uses a small agent that runs on your server, reads your existing Nginx config, and integrates with whatever ACME client you already use (or you can use its built-in ACME support).

Why It’s Cool

A few things stand out here:

1. Zero configuration for Nginx.
Unlike certbot’s --nginx plugin, which can sometimes modify your config in unexpected ways, httpsok leaves your files alone. It just detects the listening ports and SSL directives, then hot-reloads after renewal.

2. It’s ridiculously fast.
The tweet says “one minute to set up” — that’s not far off. You download the binary, point it at your Nginx config, and it starts working. No Python dependencies, no complex systemd timers.

3. Works with existing ACME setups.
If you already have certbot or acme.sh running renewal cron jobs, httpsok can sit alongside them and just handle the Nginx reload part. Or you can let it do everything.

4. Minimal footprint.
It’s a single binary (written in Go, likely) — no daemon, no memory leaks, no bloat. Just a handy tool.

How to Try It

Check out the GitHub repo for full docs. The quick start is:

1. Download the binary for your platform from the releases page.
2. Run httpsok — it will scan your Nginx config and start monitoring.
3. That’s it. It auto-renews and reloads.

You can also set it up as a service if you want it to run continuously. The README has a one-liner for that.

Note: The tool is in active development, so test it on a staging server first if you’re risk-averse. But for personal or low-traffic sites, it’s a solid time-saver.

Final Thoughts

SSL management is one of those chores that everyone hates but can’t skip. httpsok doesn’t reinvent the wheel — it just makes the final mile (renew + reload) smooth and automatic. If you’re managing multiple Nginx sites or just want to set and forget your SSL, this is worth a try.

Go check it out, and let me know if you find any edge cases. I’m planning to throw it on a few of my side projects next week.

Found this useful? Follow us at @githubprojects for more dev tools and projects.