I however have a cron on my Ubuntu server to renew it automatically.
The cron does : /usr/bin/certbot renew --max-log-backups 31 --quiet --renew-hook /root/cert/store-renewed.sh
The cron ran fine, i can find the logs. Nevertheless, the certificate did nos renew and expired today.
I tried to launch /root/cert/store-renewed.sh manually and the certificate renewed well !?
Before i used /root/cert/certbot-auto to automatically renew but, as it seems to be deprecated, i replaced it by /usr/bin/certbot.
Do you have any idea why the "/usr/bin/certbot renew" did not renew the certificate.
No. New Let's Encrypt certs have an expiration of 90 days. I don't (yet) see a cert that was created today in the CT log. All certs show up there but sometimes there is a delay (in rare cases maybe even 24 hours).
I think you should test your renew like this and ensure it is working.
/usr/bin/certbot renew --dry-run
I do not see a --renew-hook option in the current docs. A --deploy-hook option is often used for action after a new cert is created.
If an LE cert expired today, it would have been issued 90 days ago.
If it was issued 90 days ago, it should have been renewed after 60 days (30 days ago).
We do see a cert having been issued 30 days ago.
If the site was showing expired today, it wasn't using the cert that was issued 30 days ago.
If you ran a script that caused the web site cert to not show as expired (by serving a cert that was issued 30 days ago), you only need to:
ensure you include the script to restart (or reload) the web server
after any cert has been issued
or periodically [like once a week]