This is the same script that I have used before successfully.
After I ran it, I received the following…
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/oakleaf.co.uk-0001/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/oakleaf.co.uk-0001/privkey.pem
Your cert will expire on 2017-11-13. To obtain a new or tweaked
version of this certificate in the future, simply run
letsencrypt-auto again. To non-interactively renew all of your
certificates, run “letsencrypt-auto renew”
When you use --standalone, your web server isn’t restarted for you unless you specify a --renew-hook command to restart it. The web server doesn’t notice changed certificates until it’s restarted.
So, if you restart your web server, it should see the new certificate.
The presence of the -0001 also means that you have more than one Certbot-managed certificate related to this domain. This might not have been what you intended. You can see the details of what you have by running ./letsencrypt-auto certificates. If your web server is configured to use the other one, renewing this one won’t affect the web server configuration at all.
I would double check that your nginx server is using the right path to fullchain.pem and privkey.pem files. It is /etc/letsencrypt/live/oakleaf.co.uk-0001/ and maybe in your nginx conf you are using /etc/letsencrypt/live/oakleaf.co.uk/ without the trail -0001.
Thanks for the help. Unfortunately, the reboot didn’t work.
Below is my list of certs and it does look as though there are two, one with the -0001 and one without.
Could I ask what is the best way of solving this?