Certificate is expiring

[yarikoptic]

Got email with

Your certificate (or certificates) for the names listed below will expire in 6 days (on 2024-04-15). Please make sure to renew your certificate before then, or visitors to your web site will encounter errors.

We recommend renewing certificates automatically when they have a third of their total lifetime left. For Let's Encrypt's current 90-day certificates, that means renewing 30 days before expiration. See https://letsencrypt.org/docs/integration-guide/ for details.
hub.dandiarchive.org

Ideally we should automate updates. On Debian systems I believe (it is "fire and forget") rely on https://certbot.eff.org/ which might be of help here?

[satra]

it should already be automated for the current hub.

[yarikoptic]

is there a record on how it is it done ? I failed to find anything possibly related while searching through our org.

[satra]

it's in config.yaml.j2 - however for the current hub there is a manual step that needs to be done on the instance as something broke last year in that configuration with the aws proxy. i'll keep monitoring this week to see if it autorenews. in the past it has.

[satra]

for some reason the hub is again using the standard certificate from aws+dandi, not the letsencrypt one. i don't know why. that may be the reason why letsencrypt is sending those messages.