If this is the actual correct place for IceCast to configure TLS certificates, this path is not automatically updated by certbot. You probably copied the certificate from /etc/letsencrypt/ to that /etc/icecast2/ location. If possible, use the path in (Edit: as @MikeMcQ already pointed out and what I missed is that it requires the certificate bundle and private key) and if that's not possible (e.g. due to permission issues), make a script which takes care of all the copying, chown-ing and reloading IceCast stuff and configure that script as a /etc/letsencrypt/live/${name_of_certificate}/fullchain.pem directly--deploy-hook in certbot.
3 Likes