Ssl won't renew

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
certbot certonly --force-renew -d
It produced this output:


  • Congratulations! Your certificate and chain have been saved at:
    Your key file has been saved at:
    Your cert will expire on 2023-06-21. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot
    again. To non-interactively renew all of your certificates, run
    "certbot renew"
    My web server is (include version): apache

The operating system my web server runs on is (include version): ubuntu

My hosting provider, if applicable, is: digital ocean

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): ?

Hello can you please help me renew this ssl cert. This is happening every month now. When I run test it says cert is not valid. HELP!

You do not want to use that option; please read User Guide — Certbot 2.4.0 documentation to understand that option.

Also why, I would expect 60 days.

1 Like

lol that is double dutch to me mate.

I ran sudo certbot renew and restarted the server it seems to be working


That was probably the missing part


Still broken.

What is "still broken"?


Does that mean...
You will pay $200 to anyone that does permanently fix this issue?
If so, "permanently" must also be defined.

[as written, you could pay $200 to your favorite charity and comply]


Global world politics, housing, people in regards the website, the SSL.

I don't see what is "still broken".
SSL Server Test: (Powered by Qualys SSL Labs)
Care to explain?


Ok I think this is the msg I get from SSL Labs:

This server's certificate is not trusted, see below for details.

This server supports TLS 1.0 and TLS 1.1. Grade capped to B. MORE INFO »

This site works only in browsers with SNI support.

OK, I do see the errors [now] and I'm pretty certain I can fix them permanently.
What now?


Yes, you can message me on this site so we can set uo some sort of cron job. There was a cron job to renew certbot but it seems to have stopped. I will be back in a few hours and respond. The site seems to be working sometimes, not sure, could be some sort of caching issues.

There is more to "the (re)solution" than a cron job.


Here I see 2 different certificates; One non-expired and the other expired.


Why do you use 2 different Certificates?

Non-expired: SSL Server Test: (Powered by Qualys SSL Labs)

Expired: SSL Server Test: (Powered by Qualys SSL Labs)

1 Like

And here is a list of issued certificates, latest being 2023-03-23 for only; the latest one with both & being 2023-02-04.

1 Like

Which explains the "-0001":

And caused by the misuse of the --force:


Two back to back attempts with curl -Ii; gave different results.

$ curl -Ii
HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 17:39:38 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: text/html; charset=UTF-8
$ curl -Ii
curl: (60) SSL certificate problem: certificate has expired
More details here:

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

Here details on Apache can be found in documentation and forums:


I have.
Did you get my DM?
If not, you can message me directly as well [I think].


Yes they should be able to

The have a Trust Level basic user

And here is say personal messaging

1 Like