The operating system my web server runs on is (include version):
Ubuntu 22.04 LTS
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I don't have yet certbot installed. I'm asking before taking the step to install certbot on top: Currently my certificates serve my website kukulies.org and my mailserver kukulies.org and acme.sh manages the certs for the haproxy installation.
Now the domain normalfilter.de should live alongside (only as mail address). Could I just extend the acme certificate or should I run certbot in parallel?
"the acme certificate"? Please note that "ACME" is the name of the protocol used by Let's Encrypt and other CAs. "acme.sh" is just one of many ACME clients and is named as such as it's written in "shell script" ("sh").
That said, Certbot and the acme.sh client are not compatible with each other and there's no easy way to migrate certificates from one to the other.
Why do you want to use Certbot to begin with, if you're already using acme.sh? Is there a specific reason or you just don't like acme.sh (which I can relate to) and want to change client?
Thanks. Sorry for answering late. I got now shook up by an email I got from Let's Encrypt Expiry Bot yesterday, saying that my certificates are about to expire tomorrow.
Looking into /etc/letsencrypt/live/cert.pem I found that this cerificate is indeed expiring tomorrow.
So I'm wondering which process is still renewing the letsencrypt certificates in parallel to acme.sh?
How can I find out about that?
P.S. I also found out that I have already the desired extra domain (normalfilter.de) included in my certificate. So the question remaining is: "why or what is the cause that I'm still getting reminder email from Let's Encrypt Expiry Bot"?
You said you haven't installed Certbot, yet. But you have a directory /etc/letsencrypt, which is generated by Certbot. Thus that would mean you either have Certbot installed already or had Certbot installed in the past, but uninstalled it?
Also, if the certificate(s) in /etc/letsencrypt/live/ are expiring tomorrow, it stands to reason it wasn't renewed.