This article is just a trouble-shooting blog. It’s rarely happen. After you even did a force renew by using

sudo certbot renew --force-renewal

And then check the certificate by using

sudo certbot certificates

Everything looks just fine. But when you use curl or wget from a remote machine to test the website, you still get the error of expired certificate. This can be frustrating.

wget -O test.html

Resolving ( xx.xx.xx.xx
Connecting to (|xx.xx.xx.xx|:443... connected.
ERROR: cannot verify's certificate, issued by ‘/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3’:
  Issued certificate has expired.
To connect to insecurely, use `--no-check-certificate'.

However, don’t worry. The solution is simple. Simply restart the nginx server can save it.

sudo systemctl restart nginx

Everything should go back to normal now.