The ssl certificates on lonnakelly.com and lonnakellystudio.com have expired. When I try to log in, I am receiving this message: Firefox spotted a potentially serious security issue with www.lonnakelly.com. Someone pretending to be the site could try to steal things like credit card info, passwords, or emails
Let's Encrypt has been in use on both sites and have expired.I have tried to install a new Let's Encrypt but can't find guidance on how to do that.
Indeed they have, 3+ weeks ago.
What did you do to get the cert in the first place? Try doing it again. Since you failed to answer any of the questions you were given when you opened this topic, that's the best advice we can give at this point.
Hello @LonKel, welcome to the Let's Encrypt community. 
In addition to danb35's reply.
When you opened this thread in the Help section, you should have been provided with a questionnaire. Maybe you didn't get it somehow (which is weird), or you've decided to delete it. In any case, all the answers to this questionnaire are required:
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: lonnakelly.com, www.lonnakelly.com, and lonnakellystudio.com
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Thank you for assisting us in helping YOU!
Also it seems both lonnakelly.com and www.lonnakelly.com are Apache
$ curl -Ii http://lonnakelly.com/.well-known/acme-challenge/sometestfile
HTTP/1.1 404 Not Found
Date: Sat, 02 May 2026 20:21:23 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=iso-8859-1
$ curl -Ii http://www.lonnakelly.com/.well-known/acme-challenge/sometestfile
HTTP/1.1 404 Not Found
Date: Sat, 02 May 2026 20:21:33 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=iso-8859-1
While lonnakellystudio.com appear to be nginx/1.27.2
$ curl -Ii http://lonnakellystudio.com/.well-known/acme-challenge/sometestfile
HTTP/1.1 404 Not Found
Date: Sat, 02 May 2026 20:21:52 GMT
Server: nginx/1.27.2
Content-Type: text/html; charset=iso-8859-1
Content-Length: 355
Content-Security-Policy: upgrade-insecure-requests
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Other community volunteers I have PMed LonKel a bit, and yes the hosting is Bluehost,
I gather the OS is Windows and not using IIS, and the webserver is Apache 2.4.46 on Windows
and one of the tools presently trying to be used is Certify the Web so tagging @webprofusion
And I have shared these links also.
And I found this "A Guide to Free SSL Certificates with Let's Encrypt" on Bluehost.
https://www.bluehost.com/help/article/how-to-activate-a-free-wordpress-ssl
Just basic stuff.
https://www.bluehost.com/ssl-certificates
@LonKel,
That screen capture is showing a domain name of capitalskyeye.com as a point of issue,
as well as the IIS issue you've point out.
But using the online tool Let's Debug yields results of https://letsdebug.net/capitalskyeye.com/2895305 and the "All OK!" is best interpreted as didn't find anything that is a FAIL, but doesn't mean it will Succeed (more likely chance it can succeed).
Also how were the Certificate originally obtained?
Like with Bluehost's assistance, independent support person (possibly they are out of the picture now), direct use of an ACME Client, etc.
Yeah the Test function assumes IIS, or that the built in http challenge server process should be available but when using apache or nginx port 80 isn't sharable between listeners.
To use Certify Certificate Manager with Apache or nginx you pretty much have to follow the "web root" style where the webserver serves the http challenge response:
To use that method, first figure out where your web server files are and create a test text file with no extension e.g. at /.well-known/acme-challenge/test then browse to it with a browser. If you can't get that to work, contact an IT support company because that's table stakes for getting this done. We all find ourselves looking after things because nobody else will but sometimes it's better to delegate.
I'm assuming @LonKel has an actual windows web server they are administrator of and that's where the app is running, otherwise the only option is DNS validation and uploading certs.
Note that licensed customers of Certify Certificate Manager can get private support email support via support at certifytheweb.com and community edition users can post to https://community.certifytheweb.com/ for non-urgent assistance.
