Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: certbot renew

It produced this output:


  • Congratulations! Your certificate and chain have been saved at:
    Your key file has been saved at:
    Your cert will expire on 2021-06-16. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the "certonly" option. To non-interactively renew all of
    your certificates, run "certbot renew"

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let's Encrypt:
    Donating to EFF:

My web server is (include version): Server version: Apache/2.4.6 (CentOS)

The operating system my web server runs on is (include version):
CentOS Linux release 7.9.2009

My hosting provider, if applicable, is:
Not applicable

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
I'm not using a control panel to manage my site

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.10.1

Hello, first, I hope you don't mind my grammar, I'm using Translate Google to compose this message.
We published our Zabbix hosted on a CentOS server, the certification process using Letsencrypt was relatively easy. However, recently our certificate has expired. After many attempts to renew the certificate, using the --renew parameter in the certbot command, with the successful return of the renewal, the web page continued to publish the expired certificate.

What information, logs and attempts are needed to count on your help in this case?
Thank you so much!

1 Like



is a new Letsencrypt certificate, not expired. Looks ok, created 2021-03-15.

1 Like

Sorry, send the wrong domain. The correct domain follows:


1 Like

Did you restart your server? A certificate is created - don't do that again, there is a rate limit.

If that doesn't help, your config is buggy.

apachectl -S
1 Like

I ran the command you asked for, and that was the return:

[root@zabbix002 ~]# apachectl -S
VirtualHost configuration:
*:443 is a NameVirtualHost
default server (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost (/etc/httpd/conf.d/ssl.conf:56)
port 443 namevhost (/etc/httpd/conf.d/zabbix.conf:37)
*:80 (/etc/httpd/conf.d/zabbix.conf:46)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/usr/share/zabbix"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
PidFile: "/run/httpd/"
User: name="apache" id=48
Group: name="apache" id=48
[root@zabbix002 ~]#

It helps?

1 Like

We already restart the server!


1 Like


is your problem.

Two vHosts with the same combination of port and domain name -> that's fatal.

Merge both in one, remove the other.

Check, where the correct certificate is used.

Or remove both and let Certbot create a new (something like certbot --reinstall).

1 Like

Great !!!!

It worked out!!!! The settings were only configured in zabbix.conf !!!!

Thank you so much!!!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.