Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Your recently-expired cert is not a Let's Encrypt cert; it's from ZeroSSL instead. If you want to renew that, you'll need to ask them how. If you want to get a cert from Let's Encrypt instead, start here:
But, you were getting Let's Encrypt certs before your most recent. If you are using the acme.sh client to get certs you may have been affected by their change in Aug to default to ZeroSSL. It should have continued using Let's Encrypt for certs that were using LE but some people found that did not work right. See this article from the author of acme.sh
The LE -> ZeroSSL change is probably due to the fact that before 2021-09-21 all the certificates including mail.weglobal-group.com were part of a certificate which also included file.weglobal-group.com. But the ZeroSSL certificate is a cert containing onlymail.weglobal-group.com.
Also funny fact is that there were 3 certificates issued for mail.weglobal-group.com at 2020-09-17: 2 from Let's Encrypt and 1 from ZeroSSL. Maybe it was a renewal of this latter certificate?
Who knows? We don't know for sure, mostly due to lacking information in OP. @perryhuynh We really require more information from you than just the domain name and the fact you can log in to a root shell I'm afraid. Or are the answers to those other questions complete oblivious to you? Including even the webserver and OS of the server? The name of which ACME client was used would be most helpful.
Yes, and funny that recent renewals only happened after the prior expired. Indicates to me that renewals were likely done manually. And, perhaps with different parameters or even different clients.
Agreed, we can only offer guesses with such limited info.