Issue renewing SSL certificate

I have been trying to renew the let's encrypt certificate for However my repeated attempts have had no success.

I have been following the lightsail guide:

I have succesfully completed the following steps
Adding txt records to lightsail's DNS
Generating the certificates
Updating the links server.crt and server.key point to
Stopped and started the ctlscript script

But when checking the website it still references to the old expired certificate.

I then used the wordpress plugin Really Simple SSL to generate a new key set and uploaded them to the server, and updated server.crt and server.key to link to the certificate.cert and private.pem files respectively.

When checking the website it still references the old expired certificate.

I have run out of ideas for things to try and would appreciate any help possible.

Let me know if there are any further details I can provide.

Hi @lukeBrandon, and welcome to the LE community forum :slight_smile:

The problem, if any, seems to be within the light sail instructions [or your steps in following them].

Not sure what we can do for you here about that.

That said, did you make sure that [in step #7] the service was able to stop [and then start] correctly?


You might want to read the "Important" note at the top of the guide you're following.

While I'm totally not a fan of that whole "Bitnami" stuff, if you're using it already, using bncert might be the better option to go with.


@lukeBrandon I agree with the two previous volunteers. You are not using a wildcard cert so you could be using bncert instead of the manual certbot DNS steps.

Are you sure you got a fresh cert. Because I don't see one in the public logs. Sometimes there are long delays before the logs update (24h) so need to ask. (neither or censys sees fresh ones)

You have gotten certs regularly for several years so that's great. Were there any changes to the config since your last cert issued Mar12?

Lastly, what does this show?

sudo certbot certificates

Thank you for this steer, running it through bncert resolved it for me.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.