diff --git a/OTcerts.py b/OTcerts.py
index a55deef..1d03115 100644
--- a/OTcerts.py
+++ b/OTcerts.py
@@ -156,6 +156,33 @@ def get_alias_list(config, dns_conn, query, aliases):
 return result_list
+def acme_renew(config, pre_hook_cmd, post_hook_cmd, dryrun=False):
+
+ args = config['certbot']['base_args']
+ # args += " -m {} ".format(config['certbot']['email'])
+ # args += "--server {} ".format(config['certbot']['server'])
+
+
+ if dryrun:
+ args += "--dry-run "
+
+ if not pre_hook_cmd is None:
+ args +=' --pre-hook "{}"'.format(pre_hook_cmd)
+
+ if not post_hook_cmd is None:
+ args +=' --post-hook "{}"'.format(post_hook_cmd)
+
+ args += " renew"
+
+ if dryrun:
+ logging.info("{} {}".format(config['certbot']['bin'], args))
+ else:
+ os.system("{} {}".format(config['certbot']['bin'], args))
+
+ return True
+
+
+
 def acme_request(config, domain_name, acme_test='DNS-01', webroot=None, dryrun=False, domains_list=None):
 args = config['certbot']['base_args']
@@ -318,6 +345,22 @@ if __name__ == '__main__':
 else:
 logger.error('Error asking certificate for {}'.format(vhost_name))
+ if args.renew:
+ pre_hook_cmd = ""
+ post_hook_cmd = ""
+ logging.info('Renewing certificates ')
+ if set(['webmail','hosting','liste']) & set(service_reload.keys()):
+ post_hook_cmd += " && systemctl reload apache2")
+ if set(['smtp',]) & set(service_reload.keys()):
+ post_hook_cmd += " && systemctl reload postfix")
+ if set(['mbox',]) & set(service_reload.keys()):
+ post_hook_cmd += " && systemctl restart dovecot")
+
+ logger.info("post_hook_cmd: {}".format(post_hook_cmd)
+
+ if acme_renew(config, pre_hook_cmd, post_hook_cmd, dryrun=dryrun):
+ logger.info("Done renew")
+
 if set(['webmail','hosting','liste']) & set(service_reload.keys()): # reload apache
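Review bot: `acme_renew` builds the certbot command by string concatenation and runs it through `os.system`, so the hook strings and every `config['certbot']` value are re-parsed by a shell, and a double quote or `$(...)` inside a hook breaks the `--pre-hook "{}"` quoting. Passing an argument list to `subprocess.run` hands each hook to certbot as a single argument and needs no quoting; `subprocess` and `shlex` would have to be imported, and the file's import block is not visible in this hunk. The function also returns `True` unconditionally, so the caller logs "Done renew" even when certbot exits non-zero. In addition, `"--dry-run "` is appended with no leading space, which only works if `base_args` ends in one, and `not pre_hook_cmd is None` lets the empty string from the `__main__` hunk through as `--pre-hook ""`.

```python
def acme_renew(config, pre_hook_cmd, post_hook_cmd, dryrun=False):
    # Argument list, not a shell string: each hook reaches certbot as one argument.
    argv = [config['certbot']['bin']] + shlex.split(config['certbot']['base_args'])
    if dryrun:
        argv.append('--dry-run')
    # Truthiness check also skips the empty string the caller may pass.
    if pre_hook_cmd:
        argv += ['--pre-hook', pre_hook_cmd]
    if post_hook_cmd:
        argv += ['--post-hook', post_hook_cmd]
    argv.append('renew')

    if dryrun:
        logging.info(' '.join(argv))
        return True
    # Report certbot's exit status instead of always returning True.
    return subprocess.run(argv, shell=False).returncode == 0
```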
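Review bot: The three `post_hook_cmd += " && systemctl ...")` lines end with an unmatched `)` and `logger.info("post_hook_cmd: {}".format(post_hook_cmd)` is missing its closing one, so the module no longer parses after this change. Once the parentheses are fixed, `post_hook_cmd` still starts with ` && `, which is not a runnable command; collecting the commands in a list and using `post_hook_cmd = " && ".join(cmds) if cmds else None` removes the leading operator and lets `acme_renew` omit `--post-hook` when nothing needs reloading. `pre_hook_cmd = ""` should be `None` for the same reason, since `acme_renew` only tests `is None`. The `if __name__ == '__main__':` block starts and ends outside the hunk, so whether the existing reload code below also runs after a renew, restarting services a second time, cannot be judged from here.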