We wanted to let you know that we identified an issue in the Let’s Encrypt SSL renewal command that was added to crontab.
We are currently working on documenting the fix for existing installations, but if you want to get it fixed, we recommend you run the Bitnami HTTPS Configuration Tool, which should detect the existing certificate and add the proper entry to Crontab.
In summary, the problem happens because Let’s Encrypt spins up a TCP server running on port 80/443 (–tls challenge) to validate the domain (the validation only happens each 1-2 months), but if Apache is running in that verification won’t work. With the new approach we moved to the --http challenge instead, but with the downside that it requires configuring Apache. The good thing is that the Bitnami HTTPS Configuration Tool does this automatically for you.