See the certificate obtained when accessing your site:
As you can see it's generated only for the domain without www.
For that domain, you're using the certificate: /opt/bitnami/apache2/conf/server1.crt (see your /opt/bitnami/apps/wordpress/conf/httpd-vhosts.conf config file). That file is a symbolic link which points to the real certificate at /etc/lego/certificates/domain.com.crt and you generated that certificate using Lego. That's right, isn't it?
When you generated the certificate by running:
sudo lego --email="YOUR_MAIL" --domains="domain.com" --path="/etc/lego" run
You should also have indicated the domain with "www". See the example below:
sudo lego --email="YOUR_MAIL" --domains="domain.com" --domains="www.domain.com" --path="/etc/lego" run
This way, the certificate is valid for both domains (with and without www). Therefore, remove the certificate and re-generate it using both domains. You can delete it by running:
sudo rm /etc/lego/certificates/domain.com.*