The problem comes from the fact that this domain once upon a time had an alias domain and now the certificate for the alias-domain cannot be renewed since the domain no longer exists. So I went into ISPCFG3 and deleted every trace of this alias domain, then waited for the cert to be renewed but it still seems to not work. I looked into: /etc/letsencrypt/renewal and see -rw-r--r-- 1 root root 758 Sep 11 09:35 intramed.sa.com-0001.conf -rw-r--r-- 1 root root 761 May 30 04:05 intramed.sa.com.conf the -0001.conf file is actually the correct one as it does not contain the old alias domain. here is the content of intramed.sa.com.conf: Code: # renew_before_expiry = 30 days version = 0.10.1 archive_dir = /etc/letsencrypt/archive/intramed.sa.com cert = /etc/letsencrypt/live/intramed.sa.com/cert.pem privkey = /etc/letsencrypt/live/intramed.sa.com/privkey.pem chain = /etc/letsencrypt/live/intramed.sa.com/chain.pem fullchain = /etc/letsencrypt/live/intramed.sa.com/fullchain.pem # Options used in the renewal process [renewalparams] account = 67f3e868662cb26281a9f10801ca1e09 authenticator = webroot rsa_key_size = 4096 installer = None [[webroot_map]] www.intramed.sa.com = /usr/local/ispconfig/interface/acme intramed-distribution.co.za = /usr/local/ispconfig/interface/acme www.intramed-distribution.co.za = /usr/local/ispconfig/interface/acme intramed.sa.com = /usr/local/ispconfig/interface/acme intramed.sa.com is the current domain, intramed-distribution was the old alias domain. What shall I do, edit this file by hand and remove the old alias domain? Also, I used to go edit the site in ISPCFG3 and edit the site then save to trigger the cert check/renewal, how else can I do this via command line?