Invalid Cert Date after Renew

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: certbot certificates

It produced this output: Found the following certs:
Certificate Name:
Domains: *
Expiry Date: 2021-04-22 17:01:25+00:00 (VALID: 61 days)
Certificate Path: /etc/letsencrypt/live/
Private Key Path: /etc/letsencrypt/live/

My web server is (include version): Amazon Lightsail

The operating system my web server runs on is (include version): Ubuntu 16.04.6 LTS (GNU/Linux 4.4.0-1121-aws x86_64)

My hosting provider, if applicable, is: Network solutions

I can login to a root shell on my machine (yes or no, or I don't know): no, using sudo

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Chrome browser error message:

1 Like

Sudo is an application to provide root access. While strictly answering "No" to this question is indeed correct, for the purpose of the question ("Can you run stuff as the root user?"), sudo is fine :slight_smile: Although you obviously understood that, otherwise you wouldn't have answered "using sudo" :wink:

Anyway, on to your problem: how did you get the certificate? With which certbot plugin? Did you use the apache or nginx plugin as installer? If you did not use those plugins, you're required to reload your webserver after the renewal. Most of the time, a user would add a simple reload command to the --deploy-hook command when getting the certificate in the first place if the apache or nginx plugin wasn't used.


Hi and thank you for the reply. I used the tutorial linked below (which I think is Apache) and renewed the certificate manually


Not sure how Bitnami on Lightsail is different than other Bitnami instances, but that guide you've used is terrible.. Just wow..

No guarantees from my end, but you would probably have been better off with this info:

Now that you've used the LightSail tutorial however, I'm not sure you can just go and use the how-to linked in the above thread.

In any case, if you'd like to continue using that Lightsail how-to, you should read the final paragraph closely:

Step 9: Renew the Let's Encrypt certificates every 90 days
Let’s Encrypt certificates are valid for 90 days. Certificates can be renewed 30 days before they expire. To renew the Let's Encrypt certificates, run the original command used to obtain them. Repeat the steps in the Request a Let’s Encrypt SSL wildcard certificate section of this tutorial.

Especially the last sentence. Did you repeat those steps from the link?

1 Like

I think you're right, my hands are tied by the Lighstail tutorial I already used. I could try the bitnami documentation on the next (auto)renewal, but for now I am not experienced enough to troubleshoot beyond the tutorial steps.

I did complete the steps for the renewal back on Jan 21. I was prompted with successful updated cert and thought it was finished. But now with the invalid/old expiration date still showing in the browser, it's like I can't seem to get the site pointed to the new valid certificate. I tried restarting apache several times.

1 Like

I'm not familiair with the Bitnami set up at all, so I can't guide you further, sorry. Maybe someone else might help.

1 Like

Welcome to the Let's Encrypt Community :slightly_smiling_face:

Take a look at this recent thread where I assisted another Bitnami user:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.