Renewal following migration of certificates and aliases to a new server

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://www.thenakedscientists.com

I have multiple aliases pointing at the same domain e.g. +/- www. and .co.uk variants.

I migrated recently to a new server. I copied my existing config and certificates when we moved.

Previously the certs renewed automatically, but have now expired and are not renewing themselves, so I needed to renew them.

I ran certbot -v certonly --force-renew -d www.thenakedscientists.com

This has generated a new certificate entry suffixed -0001

I altered the sites-available in my nginx config to point to this new file, and the certificate now seems to work for this domain.

But my aliases are apparently not working. They were picked up by an existing 301 redirect added by certbot in the Nginx config. ( if ($host = ) {return 301 https://$host$request_uri;} # managed by Certbot.

Can someone guide me how to repair this and re-establish the renewal process please?

Have you copied over the crontab entry for certificate renewal from the old host to the new one?

3 Likes

In most circumstances it is best not to use this option. It doesn't magically fix existing problems and almost always creates new ones.

You will likely need to provide additional details for further assistance. You should have been presented a form to fill out when you created your initial post.

3 Likes

This is never a good thing:

What do these show?:

  • certrbot certificates
  • nginx -T
3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.