Ihor Radchenko <[email protected]> writes:
> Certificate for list.orgmode.org appears to be expired:
> My browser is giving me ERR_CERT_DATE_INVALID
There is a CNAME record (handled by digitalocean.com) making the
"list.orgmode.org" domain name an alias for "orgmode.yhetil.org",
hosted by Kyle, which works fine.
On the nginx config, there is:
server {
server_name orgmode.org;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/xxx/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
rewrite ^/list/(.*) https://list.orgmode.org/$1 permanent;
}
The last line rewrites requests like
https://orgmode.org/list/875ynnojvf.fsf@localhost
to
https://list.orgmode.org/875ynnojvf.fsf@localhost
which is supposed to be handled by the CNAME alias.
This is the configuration that used to work so far, I don't understand
why it doesn't work anymore as I didn't change anything. Certificates
for orgmode.org and yhetil.org are OK.
Kyle, do you have any clue?
--
Bastien
