I came back here to update you on the situation and to provide details that I hope will help other people with virtual hosts on their Bitnami stacks.
The original problem lies in the fact that we have 2 virtual hosts on this single Bitnami stack, and clearly your script doesn't account for that.
Does this CRON command look right to you? This is what the bn-cert tool produced.
0 0 * * * sudo /opt/bitnami/letsencrypt/lego --path /opt/bitnami/letsencrypt --email="email@example.com" --http --http-timeout 30 --http.webroot /opt/bitnami/apps/letsencrypt --domains=clientdomain.com renew && sudo /opt/bitnami/apache2/bin/httpd -f /opt/bitnami/apache2/conf/httpd.conf -k graceful # bncert-autorenew
I'm not going to be able to rely on the CRON job, I'm going to have to renew this certificate manually.
I did all the commands you outlined in your first response to this thread, and it STILL did not work. Fortunately I remembered to check the /opt/bitnami/apps/[abbreviation]/httpd-vhosts.conf file where I did this:
# SSLCertificateFile "/opt/bitnami/apache2/conf/server.crt"
# SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"
Now the browsers see the Let's Encrypt certificate and all appears to be well.
I have 25+ years' technical writing experience. If I produce a supplementary doc page that covers how to adjust for virtual hosts when dealing with Let's Encrypt, would you add it to your documentation? I'd like to save someone else the heartache.