I have a circumstance where I am running apache on centos6 with several domains and sub-domains, including a couple multi-site wordpress installations. It should also be noted that my apache config files for each domain are stored in a custom directory that get’s included in the main httpd.conf file.
Most of the ssl needs for the server are covered with a commercial wildard certificate that we own. However, there are a few domains that are not covered by this wildcard certificate. Some of these are stand-alone sights with unique home dirs, and a couple are just aliases pointing to one of the wordpress multi-sites.
From reading the manual, it looks like I should probably run Certbot the first time, probably in webroot mode. The manually adjust my domain.conf files when that is run. Would I then be able to count on those issued certificates getting updated automatically with the details generated in /etc/letsencrypt/renewal/CERTNAME?
This seems sensible to me, but my only previous experience with Lets Encrypt is with a cPanel server, and it’s pretty foolproof on that platform.
I welcome any advice.