Finally get some time to fix the certificate issue. Long story short, I was using StartCom's StartSSL Class 1 as my root certificate authority. It is free and easy to use (until recently). Chrome had decided not to trust this company due to some issues a while ago but I never paid attention to it. And recently the update of Chrome browser had decided to not trust my website due to this and said
Err_Cert_Authority_Invalid
Your connection is not private
Blah blah blah. In short, that treated my site as a potential malicious site.
But my stuff are all legit and do no harm to anyone.
So I now switched to Certbot. I will write some details about switching to Certbot shortly.