Attempt to Renew SSL Cert

My domain is: acuzen.com

I ran this command: certbot renew

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/acuzen.com-0001.conf


Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 65, in _reconstitute
    renewal_candidate = storage.RenewableCert(full_path, config)
  File "/usr/lib/python3/dist-packages/certbot/storage.py", line 465, in __init__
    self._check_symlinks()
  File "/usr/lib/python3/dist-packages/certbot/storage.py", line 522, in _check_symlinks
    raise errors.CertStorageError(
certbot.errors.CertStorageError: expected /etc/letsencrypt/live/acuzen.com-0001/cert.pem to be a symlink
Renewal configuration file /etc/letsencrypt/renewal/acuzen.com-0001.conf is broken. Skipping.


Processing /etc/letsencrypt/renewal/acuzen.com-0002.conf


Cert not yet due for renewal


Processing /etc/letsencrypt/renewal/acuzen.com.conf


Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 65, in _reconstitute
    renewal_candidate = storage.RenewableCert(full_path, config)
  File "/usr/lib/python3/dist-packages/certbot/storage.py", line 444, in __init__
    raise errors.CertStorageError(
certbot.errors.CertStorageError: renewal config file {} is missing a required file reference
Renewal configuration file /etc/letsencrypt/renewal/acuzen.com.conf is broken. Skipping.


The following certs are not due for renewal yet:
/etc/letsencrypt/live/acuzen.com-0002/fullchain.pem expires on 2023-11-07 (skipped)
No renewals were attempted.

Additionally, the following renewal configurations were invalid:
/etc/letsencrypt/renewal/acuzen.com-0001.conf (parsefail)
/etc/letsencrypt/renewal/acuzen.com.conf (parsefail)


0 renew failure(s), 2 parse failure(s)

My web server is (include version): AWS, running linux

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

I'm mainly a WordPress guy and a customer asked me to log into their AWS, open a console and run the certbot renew command to update the SSL cert. From the error it seems like I've got another 3 months. But I'm not sure if I'm doing it right, or if there is a way to automate this (or just do it once a year). Did this work? What do I need to do?

Nope. Website is serving a certificate expiring in 8 days.

You need to investigate what they did on that server. Because that server is messed up.

If done properly, this is a "do once, forget about it" thing.

4 Likes

Hello @adlej, welcome to the Let's Encrypt community. :slightly_smiling_face:

A certificate was issued Aug 9 23:00:09 2023 GMT here crt.sh | 10132586435, however the site is still serving an older certificate https://decoder.link/sslchecker/acuzen.com/443. Why?

2 Likes

I have no clue. But I need help in a way that this would be spelled out to me.

Show us these files.

2 Likes

Also: The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

3 Likes

Not sure how I can get what you need to see, off the server. I have limited knowledge of AWS, linux consoles, etc.

1 Like
cat /etc/letsencrypt/renewal/acuzen.com-0001.conf 
# and
cat /etc/letsencrypt/renewal/acuzen.com.conf
# will show you the files. you can then copy paste 
# (you might need to hold shift other than ctrl)
# while
certbot --version
# you can just run as a command
3 Likes

Did you use sudo certbot renew?

2 Likes

^ a clear sign that something isn't going to plan.

3 Likes

cat /etc/letsencrypt/renewal/acuzen.com-0001.conf

# renew_before_expiry = 30 days
version = 0.40.0
archive_dir = /etc/letsencrypt/archive/acuzen.com-0001
cert = /etc/letsencrypt/live/acuzen.com-0001/cert.pem
privkey = /etc/letsencrypt/live/acuzen.com-0001/privkey.pem
chain = /etc/letsencrypt/live/acuzen.com-0001/chain.pem
fullchain = /etc/letsencrypt/live/acuzen.com-0001/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = db740e761f73d65a2941ca6845b99025
authenticator = webroot
webroot_path = /var/www/html,
server = https://acme-v02.api.letsencrypt.org/directory
[[webroot_map]]
admin.acuzen.com = /var/www/html

sudo certbot renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/acuzen.com-0001.conf


Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 65, in _reconstitute
    renewal_candidate = storage.RenewableCert(full_path, config)
  File "/usr/lib/python3/dist-packages/certbot/storage.py", line 465, in __init__
    self._check_symlinks()
  File "/usr/lib/python3/dist-packages/certbot/storage.py", line 522, in _check_symlinks
    raise errors.CertStorageError(
certbot.errors.CertStorageError: expected /etc/letsencrypt/live/acuzen.com-0001/cert.pem to be a symlink
Renewal configuration file /etc/letsencrypt/renewal/acuzen.com-0001.conf is broken. Skipping.


Processing /etc/letsencrypt/renewal/acuzen.com-0002.conf


Cert not yet due for renewal


Processing /etc/letsencrypt/renewal/acuzen.com.conf


Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 65, in _reconstitute
    renewal_candidate = storage.RenewableCert(full_path, config)
  File "/usr/lib/python3/dist-packages/certbot/storage.py", line 444, in __init__
    raise errors.CertStorageError(
certbot.errors.CertStorageError: renewal config file {} is missing a required file reference
Renewal configuration file /etc/letsencrypt/renewal/acuzen.com.conf is broken. Skipping.


The following certs are not due for renewal yet:
/etc/letsencrypt/live/acuzen.com-0002/fullchain.pem expires on 2023-11-07 (skipped)
No renewals were attempted.

Additionally, the following renewal configurations were invalid:
/etc/letsencrypt/renewal/acuzen.com-0001.conf (parsefail)
/etc/letsencrypt/renewal/acuzen.com.conf (parsefail)


And also:
cat /etc/letsencrypt/renewal/acuzen.com-0002.conf

2 Likes

What shows?:
ls -l /etc/letsencrypt/live/acuzen.com-0001/

2 Likes

ls -l /etc/letsencrypt/live/acuzen.com-0001/
ls: cannot access '/etc/letsencrypt/live/acuzen.com-0001/': No such file or directory
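
Added example, not part of the original thread and not Certbot's own code: a small shell audit that checks every renewal config for the two failures reported above (a missing `cert`/`privkey`/`chain`/`fullchain` reference, and a referenced path under `live/` that is not a symlink). The `example.com` tree it builds is constructed sample data, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (constructed data): check each certbot renewal config for the
# two failures shown in this thread. check_lineage prints one of:
#   ok | missing-reference:<key> | not-a-symlink:<path> | dangling:<path>
check_lineage() {
    conf=$1
    for key in cert privkey chain fullchain; do
        # Read "key = value" from the top section only (stop at [renewalparams]).
        ref=$(sed -n -e '/^\[/q' -e "s/^$key[[:space:]]*=[[:space:]]*//p" "$conf" | head -n 1)
        if [ -z "$ref" ]; then echo "missing-reference:$key"; return 0; fi
        if [ ! -L "$ref" ]; then echo "not-a-symlink:$ref"; return 0; fi
        if [ ! -e "$ref" ]; then echo "dangling:$ref"; return 0; fi
    done
    echo ok
}

# Audit every renewal/*.conf under a certbot config directory.
audit_all() {
    for c in "$1"/renewal/*.conf; do
        [ -e "$c" ] || continue
        echo "$(basename "$c"): $(check_lineage "$c")"
    done
}

# Build a constructed tree (example.com, hypothetical) shaped like the thread:
# -0002 healthy, -0001 with no live/ directory, and a config with no file keys.
demo_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/renewal" "$root/archive/example.com-0002" "$root/live/example.com-0002"
    for f in cert privkey chain fullchain; do
        : > "$root/archive/example.com-0002/${f}1.pem"
        ln -s "../../archive/example.com-0002/${f}1.pem" "$root/live/example.com-0002/$f.pem"
    done
    for name in example.com-0001 example.com-0002; do
        for f in cert privkey chain fullchain; do
            echo "$f = $root/live/$name/$f.pem"
        done > "$root/renewal/$name.conf"
    done
    printf 'version = 0.40.0\n[renewalparams]\nauthenticator = webroot\n' \
        > "$root/renewal/example.com.conf"
    echo "$root"
}

demo=$(demo_tree)
audit_all "$demo"      # on a real host: audit_all /etc/letsencrypt (as root)
rm -rf "$demo"
```

A config reported as `not-a-symlink` or `missing-reference` is one that `certbot renew` skips as a parse failure, so the certificate it describes is never renewed even though the command reports 0 renew failures.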

That is a rather older version of Certbot; see Certbot 2.6.0 Release

And Certbot Instructions | Certbot

2 Likes

cat /etc/letsencrypt/renewal/acuzen.com-0002.conf

# renew_before_expiry = 30 days
version = 0.40.0
archive_dir = /etc/letsencrypt/archive/acuzen.com-0002
cert = /etc/letsencrypt/live/acuzen.com-0002/cert.pem
privkey = /etc/letsencrypt/live/acuzen.com-0002/privkey.pem
chain = /etc/letsencrypt/live/acuzen.com-0002/chain.pem
fullchain = /etc/letsencrypt/live/acuzen.com-0002/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = db740e761f73d65a2941ca6845b99025
authenticator = webroot
webroot_path = /var/www/html,
server = https://acme-v02.api.letsencrypt.org/directory
[[webroot_map]]
acuzen.com = /var/www/html
www.acuzen.com = /var/www/html

How do I upgrade my certbot? I can't follow those instructions.

Why can you not follow those instructions?

1 Like

I don't know my platform.