That should not be necessary. I run the same configuration on another Ubuntu machine and it works. Christian Düben Doctoral Candidate Chair of Macroeconomics Hamburg University Germany christian.dueben@uni-hamburg.de https://www.christian-dueben.com -----Original Message----- From: Thomas Krichel <krichel@openlib.org> Sent: Sonntag, 11. Juni 2023 11:43 To: Düben, Christian <christian.dueben@uni-hamburg.de> Cc: CollEc Run <collec-run@lists.openlib.org> Subject: Re: [CollEc] certificate expiration notice for domain "collec.repec.org" Düben, Christian writes
It is usually automated via systemd, but you can use crontab as well.
The renewal currently fails though. Check "certbot renew --dry-run". It runs into a 404.
It looks like it still goes to the snap certbot. root@helos ~ # ls -l /usr/bin/certbot lrwxrwxrwx 1 root root 17 Apr 1 12:22 /usr/bin/certbot -> /snap/bin/certbot There are two server entrie is here root@helos /etc/nginx/sites-enabled # head -20 collec.repec.org server { if ($host = collec.repec.org) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name collec.repec.org; rewrite ^(.*) https://$server_name$1 permanent; } server { listen 443 ssl; server_name collec.repec.org; access_log /var/log/nginx/shinyproxy.access.log; Do we need to temporarily remove the second entry to enable renewal? -- Written by Thomas Krichel http://openlib.org/home/krichel on his 21191st day.