Renew Wildcard certificate and it is already expired

My domain is:

I ran this command:
./ --issue -d -d '*' --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please --force
./ --renew -d -d '*' --dns --yes-I-know-dns-manual-mode-enough-go-ahead-please --force

It produced this output:
... Your cert is in: /root/

My web server is (include version):
Apache/2.4.6 (CentOS)

The operating system my web server runs on is (include version):
CentOS Linux release 7.5.1804 (Core)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

The certificate is successfully created, downloaded, and installed
The web-browsers says that the certificate is expired.

The command:
openssl x509 -noout -dates -in /root/

notBefore=Jul  8 00:00:00 2022 GMT
notAfter=Oct  6 23:59:59 2022 GMT

Check you are using the latest version of,clearly if it thinks it's renewing OK but your file is actually old (check the file date) then a path or permission is wrong somewhere.


I performed an update of, same result.
Checked the file's date, and it is fine, current date/time
Even deleted the old certificate from /root/.acme/ and again --issue and --renew
The script downloaded the same certificate as the old one, with identical content, and validity dates (I compared it with one from the backup)

./ --remove -d
Then removing the directory
After that --issue and then --renew
the certificate is now a new one, with validity starting today
Problem solved


I'll point out that this domain is using ZeroSSL certificates.

If you want to use Let's Encrypt certs refer to the docs


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.