Certbot-auto renewal problem (again)

Fixed a solution now!

So I have created a completely new cert using certbot-auto as follows:

sudo certbot-auto --duplicate certonly -d home.boberglund.com,video.boberglund.com,svn.boberglund.com

The home.boberglund.com site is just a test site and is the only one on this server that is open for port 80.

During execution of the command I had to select the following:
Authentication
3: Place files in webroot directory (webroot)

Webroot for home.boberglund.com: /var/www/html
Webroot for video.boberglund.com: /var/www/html
Webroot for svn.boberglund.com: /var/www/html

(So same webroot for all 3 sites)

Then it completed successfully and I got a message like this:

  Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/home.boberglund.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/home.boberglund.com/privkey.pem
   Your cert will expire on 2020-03-26. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again. To non-interactively renew *all* of your certificates, run
   "certbot-auto renew"

Next I used certbot-auto delete to remove the soon-to-expire cert for svn.boberglund.com.

Then I edited the sites-available files for svn and video and changed the certificate entries there to point to the new certificate files shown above.
Reloaded Apache and checked that I could reach the corresponding websites and that Firefox now shows them to expire on March 26 rather than next week.

Finally I tested the renew command shown in the exit message from certbot-auto above:

sudo certbot-auto renew --dry-run
....
Congratulations, all renewals succeeded. The following certs have been renewed:
  /etc/letsencrypt/live/home.boberglund.com/fullchain.pem (success)
.....

Finally done! And now I could put the command for renewal into the sudo crontab, I guess?
Like so to run every night at 3:15:

sudo crontab -e
15 3 * * * certbot-auto renew

EDIT:
Forgot to show the renew conf that was saved by the new cert creation:

# renew_before_expiry = 30 days
version = 1.0.0
archive_dir = /etc/letsencrypt/archive/home.boberglund.com
cert = /etc/letsencrypt/live/home.boberglund.com/cert.pem
privkey = /etc/letsencrypt/live/home.boberglund.com/privkey.pem
chain = /etc/letsencrypt/live/home.boberglund.com/chain.pem
fullchain = /etc/letsencrypt/live/home.boberglund.com/fullchain.pem

# Options used in the renewal process
[renewalparams]
authenticator = webroot
account = b5058df1c187177209688fe263dcd9e9
server = https://acme-v02.api.letsencrypt.org/directory
[[webroot_map]]
video.boberglund.com = /var/www/html
svn.boberglund.com = /var/www/html
home.boberglund.com = /var/www/html

Notice that there are the three webroots automatically inserted as they were not earlier.

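Added example, not part of the original post: a small shell check that a certbot renewal conf uses the webroot authenticator and has a `[[webroot_map]]` entry for every domain on the certificate, which is the difference the post points out in the new conf. The function names and the sample conf are constructed for illustration (the account id is a placeholder); on a real system the file to check lives under /etc/letsencrypt/renewal/.

```shell
#!/bin/sh

# Print "domain webroot" pairs from the [[webroot_map]] subsection of conf file $1.
webroot_map_entries() {
    awk '
        /^[ \t]*\[\[webroot_map\]\]/ { in_map = 1; next }  # subsection starts
        /^[ \t]*\[/                  { in_map = 0; next }  # any other header ends it
        in_map && !/^[ \t]*#/ && (i = index($0, "=")) {
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k != "" && v != "") print k, v
        }
    ' "$1"
}

# Usage: missing_webroots CONF DOMAIN...
# Prints each DOMAIN without a webroot entry; returns 1 if any is missing,
# 2 if the conf does not use the webroot authenticator at all.
missing_webroots() {
    conf=$1; shift
    grep -Eq '^[[:space:]]*authenticator[[:space:]]*=[[:space:]]*webroot[[:space:]]*$' "$conf" || return 2
    entries=$(webroot_map_entries "$conf")
    status=0
    for domain in "$@"; do
        printf '%s\n' "$entries" | awk -v d="$domain" '$1 == d { f = 1 } END { exit !f }' \
            || { echo "$domain"; status=1; }
    done
    return "$status"
}

# Constructed sample in the layout shown in the post; the account id is a placeholder.
sample_conf() {
    cat <<'EOF'
[renewalparams]
authenticator = webroot
account = 0123456789abcdef-placeholder
server = https://acme-v02.api.letsencrypt.org/directory
[[webroot_map]]
video.boberglund.com = /var/www/html
svn.boberglund.com = /var/www/html
home.boberglund.com = /var/www/html
EOF
}

tmp=$(mktemp) && sample_conf > "$tmp"
missing_webroots "$tmp" home.boberglund.com video.boberglund.com svn.boberglund.com \
    && echo "every domain has a webroot entry"
rm -f "$tmp"
```

A domain printed by `missing_webroots` is one that an unattended renewal would have no webroot for, so it is worth running before relying on the cron entry.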