We use Renewing the certificates for the TLS certificates on the website and Hackhub, among other services. These certs expire every 90 days so need to be renewed within that period to avoid errors.
Renewing the certificates
This should happen automatically now (certbot-renew.sh is in cron.weekly on Finzean and Garioch).