Another renewed but still expired help request

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain

I ran this command: ```
sudo certbot -d $DOMAIN -d $WILDCARD --manual --preferred-challenges dns certonly

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1):
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/

What would you like to do?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 

My web server is (include version):
Amazon Lightsail LAMP7 instance

The operating system my web server runs on is (include version):
Welcome to Ubuntu 16.04.6 LTS (GNU/Linux 4.4.0-1109-aws x86_64)

My hosting provider, if applicable, is:
Amazon Lightsail LAMP7

I can login to a root shell on my machine (yes or no, or I don't know):
I can SUDO

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of `certbot --version` or `certbot-auto --version` if you're using Certbot):
certbot 0.31.0

I have followed the instructions at:

In detail with this domain and several others but never had an issue.  I accidentally let the certificate expire on this domain and following these steps I'm still getting that the cert is expired when I go to the site.
1 Like


Do you have a specific hostname that showed certificate invalid?
Currently your root domain has a valid certificate that’ll expire on Sep 30 12:42:32 2020 GMT.

If you successfully installed your certificate and reloaded your webserver, there might be cache to your local browser that still use the old certificate. In that case, you can try to use a online certificate checking tool such as or use another browser to verify your certificate deployment.

Thank you


Hi Sevenzhu, my apologies… It looked like it just took a very long time to propagate.

I did clear brower caches and it suddenly started working.

One thing I did do differently was since the cert had expired completely I followed the final steps in that link I posted to copy the cert files into apache and restart.

That may have been what was needed. Not sure.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.