Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
It produced this output:
Please enter in your domain name(s) (comma and/or space separated) (Enter ‘c’
to cancel): allcountyguitar.com
Obtaining a new certificate
IMPORTANT NOTES:
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/allcountyguitar.com-0001/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/allcountyguitar.com-0001/privkey.pem
Your cert will expire on 2020-10-27.
My web server is (include version):
Server version: Apache/2.4.43 (Amazon)
Server built: May 14 2020 18:12:28
The operating system my web server runs on is (include version):
NAME=“Amazon Linux AMI”
VERSION=“2018.03”
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
bash
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot --version
bash: certbot: command not found
Problem Statement:
Upon renewing from by bash cmd window I get message that the new expiration date for the renewed certificate will be 10/27/2020, however checking the “lock” icon (waiting an hour after recert) it maintains the old expiration date: Friday, August 14, 2020
This part is the problem. You can see that Certbot said it was "creating a new certificate" and it saved it in a different place (/etc/letsencrypt/live/allcountyguitar.com-0001 instead of /etc/letsencrypt/live/allcountyguitar.com). Your web server application has not been configured to use this new path, so it doesn't notice this certificate.
The reason for this behavior by Certbot is that your old certificate covers bothallcountyguitar.com and another domain, enetapplication.com. But when you asked for the new certificate, you didn't mention the second domain, so Certbot concluded that you must want a new, separate certificate that only covers allcountyguitar.com without enetapplication.com. It then went ahead and got that certificate, saving it in a new location that your web server application doesn't know anything about.
I would suggest deleting this unused new certificate with certbot delete, unless you specifically wanted enetapplication.com to no longer be covered by a certificate. After that, you can use the normally-recommended certbot renew to renew your existing certificate.
certbot renew has various advantages over certbot certonly for a renewal:
It only tries to renew certificates that are less than one month from expiry, so it's safe to run it very frequently (we recommend twice per day)
It uses your existing certificates on disk to decide which domain names and file locations to use, without changing anything
It tries to renew any Certbot-created certificates on your system that are in need of a renewal, in one single invocation of the Certbot command
that is fantastic - thank you so much and kind of realized that this was a quality organization when I joined and now see that in fact it is what I thought, careful and responsive thanks to the membership
certbot and certbot-auto are synonyms depending on the way you installed Certbot on your particular system. So for both commands you should use ./certbot-auto instead of certbot in the command.
I need to clean up others that threw errors but all domains were processed, and the domain allcountyguitar.com "lock" is now showing the renewed expiration date!