Certbot Renew Not Working AWS Lightsail Bitnami

Hello All,

My domain is: americangroup.us

I ran this command from this tutorial: https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-using-lets-encrypt-certificates-with-wordpress#request-a-lets-encrypt-certificate-wordpress

It produced this output: Successful Renewal, a few days ago. But now, today, when the old Cert expired, the site is not HTTPS. Anyone know what to do? when running renewal now, I am not able to go through the whole process again, it says because it doesn’t need renewal.

My web server is (include version): Apache/2.4.39

The operating system my web server runs on is (include version): Unix

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

Below is the complete Success Message:

    Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/americangroup.us/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/americangroup.us/privkey.pem
   Your cert will expire on 2020-03-25. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

This is not the same as in the tutorial, which allows you to verify domain by providing TXT records ot add to DNS. I suspect this might be the problem. How can I access these TXT records manually, to configure DNS?

Can you tell if apache was restarted after the certificate renewal? That is needed, since apache reads the certificate only on startup, and then uses that version until a restart.
There should be a restart log entry in /var/log/httpd/{whatever your server log name is}
If no restart has occurred, you can do it manually this way:
service httpd restart

Thanks, dk. There wasn’t a restart. I did so using bitnami’s recommendation:

sudo /opt/bitnami/ctlscript.sh restart apache