diff --git a/entrypoint.sh b/entrypoint.sh
index a67278b..252a9b7 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -11,13 +11,23 @@ else
 STAGING="--staging"
 fi
 
-certbot certonly --agree-tos --cert-name "${DOMAIN}" \
- --email "$EMAIL" --expand --non-interactive \
- --domain "$DOMAIN" --standalone $STAGING
+# Try to get a certificate, accept failures
+while [ ! -f /etc/letsencrypt/live/${DOMAIN}/fullchain.pem ]; do
+ certbot certonly --agree-tos --cert-name "${DOMAIN}" \
+ --email "$EMAIL" --expand --non-interactive \
+ --domain "$DOMAIN" --standalone $STAGING
+ sleep 60
 
-# Correct permissions for multi user container/pod deployments
-# if not indicated otherwise
-if [ -z "$LEAVE_PERMISSIONS_AS_IS" ]; then
- find /etc/letsencrypt -type d -exec chmod 0755 {} \;
- find /etc/letsencrypt -type f -exec chmod 0644 {} \;
-fi
+ # Correct permissions for multi user container/pod deployments
+ # if not indicated otherwise
+ if [ -z "$LEAVE_PERMISSIONS_AS_IS" ]; then
+ find /etc/letsencrypt -type d -exec chmod 0755 {} \;
+ find /etc/letsencrypt -type f -exec chmod 0644 {} \;
+ fi
+done
+
+# Try to renew once per day
+while true; do
+ /usr/bin/certbot renew
+ sleep 86400
+done
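Review bot: The permission fix-up now runs only inside the issuance loop, so it is skipped when `fullchain.pem` already exists at start-up and is never re-applied after `/usr/bin/certbot renew`. Renewed key files would then keep certbot's own modes, which probably breaks the multi-user deployments the comment describes. Moving the block into a function called after issuance and after every renewal fixes that. Note too that the blanket `chmod 0644` makes `privkey.pem` and the account keys world-readable, so it is worth narrowing to the certificate files or a shared group. The `-f` test also uses `${DOMAIN}` unquoted, and retrying failed orders every 60 seconds can run into the CA's failed-validation rate limits, so a growing back-off is safer.

```shell
fix_permissions() {
  # … unchanged: LEAVE_PERMISSIONS_AS_IS check and the two find/chmod lines …
}

cert="/etc/letsencrypt/live/${DOMAIN}/fullchain.pem"
delay=60
while [ ! -f "$cert" ]; do
  # … unchanged: certbot certonly invocation …
  if [ ! -f "$cert" ]; then
    sleep "$delay"
    # Double the wait after each failed attempt, capped at one hour
    delay=$((delay * 2))
    if [ "$delay" -gt 3600 ]; then delay=3600; fi
  fi
done
fix_permissions

while true; do
  /usr/bin/certbot renew
  # Renewal writes new files; re-apply the shared-access modes
  fix_permissions
  sleep 86400
done
```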