Düben, Christian writes
It is usually automated via systemd, but you can use crontab as well.
The renewal currently fails though. Check "certbot renew --dry-run". It runs into a 404.
It looks like it still goes to the snap certbot. root@helos ~ # ls -l /usr/bin/certbot lrwxrwxrwx 1 root root 17 Apr 1 12:22 /usr/bin/certbot -> /snap/bin/certbot There are two server entrie is here root@helos /etc/nginx/sites-enabled # head -20 collec.repec.org server { if ($host = collec.repec.org) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name collec.repec.org; rewrite ^(.*) https://$server_name$1 permanent; } server { listen 443 ssl; server_name collec.repec.org; access_log /var/log/nginx/shinyproxy.access.log; Do we need to temporarily remove the second entry to enable renewal? -- Written by Thomas Krichel http://openlib.org/home/krichel on his 21191st day.