TLJH on ec2, letsencrypt didn't renew, and now I can't get it [resolved]

Certificate did not renew automatically.
now it is expired and nothing I try seems to work
I’ve downloaded certbot, and tried certbot renew. (‘No renewals were attempted.’) I assume tljh should do that work itself
I’ve tried disabling and renabling https. and then reloading the config and proxy

sudo tljh-config reload
does complain :
InsecureRequestWarning: Unverified HTTPS request is being made to host '127.0.0.1'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings

I have no idea how to renew it, it just worked out of the box when I did this https://tljh.jupyter.org/en/latest/howto/admin/https.html

I saw the post suggesting it was a firewall. sudo journalctl -u traefik | grep -e "error|fatal"

one of the error messages mentions a firewall, but i’ve opened the EC2 firewall to 0.0.0.0 for ports 80 and 443 to try this to no avail, what else could it be ?

ok so i went into stat/acme.json and deleted a bunch of lines referencing the server.
then i reloaded the config and the proxy.
now it looks like the cert is valid, but is it might be a caching issue.
(i’ve cleared the cache to no avail.)

Screen Shot 2020-09-15 at 3.33.09 PM