Chrome, Firefox non valid certificates

Help
18

letsencrypt.log

2018-11-12 13:30:31,871:DEBUG:certbot.main:certbot version: 0.28.0
2018-11-12 13:30:31,872:DEBUG:certbot.main:Arguments: ['--apache']
2018-11-12 13:30:31,872:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-11-12 13:30:31,898:DEBUG:certbot.log:Root logging level set at 20
2018-11-12 13:30:31,899:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-11-12 13:30:31,902:DEBUG:certbot.plugins.selection:Requested authenticator apache and installer apache
2018-11-12 13:30:32,011:DEBUG:certbot_apache.configurator:Apache version is 2.2.15
2018-11-12 13:30:32,234:DEBUG:certbot.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin - Beta
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = certbot_apache.entrypoint:ENTRYPOINT
Initialized: <certbot_apache.override_centos.CentOSConfigurator object at 0x7f7409cb3eb8>
Prep: True
2018-11-12 13:30:32,236:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_apache.override_centos.CentOSConfigurator object at 0x7f7409cb3eb8> and installer <certbot_apache.override_centos.CentOSConfigurator object at 0x7f7409cb3eb8>
2018-11-12 13:30:32,236:INFO:certbot.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2018-11-12 13:30:32,249:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(uri='https://acme-v01.api.letsencrypt.org/acme/reg/36130960', terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf', body=Registration(terms_of_service_agreed=None, status='valid', only_return_existing=None, key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f7406cad2b0>)>), agreement='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf', contact=('mailto:admin@migracion.gob.sv',)), new_authzr_uri='https://acme-v01.api.letsencrypt.org/acme/new-authz'), 9b93dcceb667c228c41943d9c4bf2d09, Meta(creation_dt=datetime.datetime(2018, 6, 5, 15, 42, 25, tzinfo=), creation_host='apps.migracion.gob.sv'))>
2018-11-12 13:30:32,252:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2018-11-12 13:30:32,260:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2018-11-12 13:30:32,601:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2018-11-12 13:30:32,602:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 658
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Mon, 12 Nov 2018 19:30:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 12 Nov 2018 19:30:43 GMT
Connection: keep-alive

{
"3wAPjzjgxkY": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2018-11-12 13:30:39,325:INFO:certbot.renewal:Cert not yet due for renewal
2018-11-12 13:30:58,594:INFO:certbot.main:Keeping the existing certificate
2018-11-12 13:30:58,595:DEBUG:certbot.reporter:Reporting to user: Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/apps.migracion.gob.sv/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/apps.migracion.gob.sv/privkey.pem
Your cert will expire on 2019-02-10. To obtain a new or tweaked version of this certificate in the future, simply run certbot-auto again with the "certonly" option. To non-interactively renew all of your certificates, run "certbot-auto renew"
2018-11-12 13:30:58,662:DEBUG:certbot.reverter:Creating backup of /etc/httpd/conf/httpd-le-ssl.conf
2018-11-12 13:30:58,751:INFO:certbot_apache.configurator:Deploying Certificate to VirtualHost /etc/httpd/conf/httpd-le-ssl.conf
2018-11-12 13:31:01,941:WARNING:certbot.client:Enhancement redirect was already set.
2018-11-12 13:31:02,075:DEBUG:certbot.reporter:Reporting to user: If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation