I am generating a certificate (successfully) by using a CSR, receiving three files (0001_cert.pem, 0001_chain.pem and 0002_chain.pem). Then, I try to schedule the renewal check with the following command:
certbot-auto certonly -t --debug --keep --apache --csr ./csr.der
However, even if I have “–keep”, whenever I run the command I get a new group of certificates in new files (0002_cert.pem, 0003_chain.pem and 0004_chain.pem), even if the old ones are not about to expire (in fact I created them just a few minutes before). What am I doing wrong?
(I need a CSR-based certificate, with a fixed private key, to use it with DANE)