diff --git a/certbotd.sh b/certbotd.sh
index 27eccfb..04b5529 100755
--- a/certbotd.sh
+++ b/certbotd.sh
@@ -6,14 +6,16 @@ if test -z "${NODES}"; then
 fi
 
 lock=/tmp/certbot.lck
-updated=false
+updated=/tmp/certbot.updated
 
 ensure() {
   test -n "$1" && echo "$1 received, exiting gracefully..."
 
   rm -f "${lock}"
 
-  ${updated} || exit 0
+  test -f "${updated}" || exit 0
+
+  rm -f "${updated}"
 
   # Fix permissions, users in group ssl have read access
   find /etc/letsencrypt -type d | xargs -r chmod 2750
@@ -41,7 +43,7 @@ case $1 in
   # Renew certificates, trust in certbot's algorithms
   renew)
     /usr/bin/certbot renew --quiet --agree-tos
-    updated=true
+    touch "${updated}"
     ;;
   bootstrap)
     for site in ${SUTTY} api.${SUTTY}; do
@@ -58,7 +60,7 @@ case $1 in
       cd /etc/letsencrypt/live
       ln -s ${SUTTY} default
 
-      updated=true
+      touch "${updated}"
     done
 
     ;;
@@ -101,7 +103,7 @@ case $1 in
                                     --agree-tos \
                                     --webroot-path /var/lib/letsencrypt \
                                     -d "${domain}"
-          updated=true
+          touch "${updated}"
         done
 esac