Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command: typed domain into chrome browser
It produced this output: NET::ERR_CERT_DATE_INVALID error warning from chrome. then when I click refresh in the browser, the web site resolves securely.
My web server is (include version): apache
The operating system my web server runs on is (include version): php
My hosting provider, if applicable, is: digitalocean
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): n/a
The error that you mentioned can occur for a number of reasons. We often see this when a certificate has been renewed, but either the webserver serving the certificate has not finished reloading with the new certificate or the visitor's browser cache has not been cleared. It took me 20 or so refreshes this morning to see my own new certificate in my browser. Occasionally this error is seen when the time of the visitor's machine is incorrect.
As for "installing the cert locally", the only reason someone would want to locally install a root certificate is if they don't have that root certificate in their trust store, which occurs if the browser being used is on an older/unsupported device or the website is serving a certificate chained from a very new (and not yet widely supported) root certificate, such as ISRG Root X2. The video that you posted "oversolves" the problem by installing both the traditional (RSA) ISRG Root X1 certificate and new (ECDSA) ISRG Root X2 certificate.
I don't know, as you can see my Windows 10 is showing a Feature Update available,
I don't have any Security, Reliability, etc. Updates available, do you?
If YES then you need a Windows 10 Update.
Thanks for posting that SSL Checker link. I am seeing as well two certs, one expired, the other ok. So I am logging in to the server to remove the old one.
that won't help. You should try restarting Apache or even the server. You probably have a "stuck" apache process. The stuck process serving the old cert and the normal apache processes using the new.
