Hi, there still is a delta between public cert status and the one on my mail server, which cert rewal was done successfully.
The original purpose was to revoke/delete an old cert with several domains and replace it with one unique cert for only one domain. Then something went messy.
root@mackerel ~ # certbot renew --force-renewal --cert-name mail.crypteo.org-0002
Saving debug log to /var/log/letsencrypt/letsencrypt.log
-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/mail.crypteo.org-0002.conf
-------------------------------------------------------------------------------
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for mail.crypteo.org
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0060_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0060_csr-certbot.pem
-------------------------------------------------------------------------------
new certificate deployed with reload of apache server; fullchain is
/etc/letsencrypt/live/mail.crypteo.org-0002/fullchain.pem
-------------------------------------------------------------------------------
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/mail.crypteo.org-0002/fullchain.pem (success)
Compare now with the status on this page from Comodo : https://crt.sh/?Identity=%mail.crypteo.org&iCAID=16418 where it appears as expired
How can I fix that hellish problem ? I’m running out of ideas.