[CollEc] certificate expiration notice for domain "collec.repec.org"

[Düben, Christian]

That should not be necessary. I run the same configuration on another Ubuntu machine and it works.

Christian Düben
Doctoral Candidate
Chair of Macroeconomics
Hamburg University
Germany
christian.dueben at uni-hamburg.de
https://www.christian-dueben.com

-----Original Message-----
From: Thomas Krichel <krichel at openlib.org> 
Sent: Sonntag, 11. Juni 2023 11:43
To: Düben, Christian <christian.dueben at uni-hamburg.de>
Cc: CollEc Run <collec-run at lists.openlib.org>
Subject: Re: [CollEc] certificate expiration notice for domain "collec.repec.org"

  Düben, Christian writes
> It is usually automated via systemd, but you can use crontab as well.
> 
> The renewal currently fails though. Check "certbot renew --dry-run". It runs into a 404.

  It looks like it still goes to the snap certbot.
  
root at helos ~ # ls -l /usr/bin/certbot
lrwxrwxrwx 1 root root 17 Apr  1 12:22 /usr/bin/certbot -> /snap/bin/certbot

  There are two server entrie is here

root at helos /etc/nginx/sites-enabled # head -20 collec.repec.org server {
    if ($host = collec.repec.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


  listen                80;
  server_name           collec.repec.org;
  rewrite     ^(.*)     https://$server_name$1 permanent;


}

server {
  listen                443 ssl;
  server_name           collec.repec.org;
  access_log            /var/log/nginx/shinyproxy.access.log;


  Do we need to temporarily remove the second entry to enable renewal?

-- 
  Written by Thomas Krichel http://openlib.org/home/krichel on his 21191st day.