i would however like to stay as close as possible to the basic-install of the server because i run ISPConfig as Serverpanel and in case of problems it is easier if i run a similar install as is written in the tutorial on how to build the server.
I hope someone has a hint on how to "repair" a certbot/letsencrypt-install where there are already over 20 domains with certificates.
If the defaults were used on install, there is almost no wrong way to uninstall and reinstall certbot.
[unless you go rouge and do anything manually within /etc/letsencrypt/]
There is!
I first did a "apt remove certbot" - that did not function could still not start the service.
Then "apt remove certbot" and after that "apt install certbot".
That has broken my apacheserver because ALL certificates were gone.
With "certbot certonly" i have generated new certificates but they make trouble with apache because in the /etc/apache2/sites-available apache links to the old certificates that are no longer there.
I know i did it myself but i am not happy with it, it will cost loads of time getting this working again.
I did.
remove and install did not result in a functioning certbot service.
I did a purge - that is my mistake i know. I will have to move all sites to another server and install this one new.
Doing a distupgrade when you run apache, mariadb, php, postfix and certbot still is no good idea.
This was my second distupgrade in over 20 years with linux, still no good idea, better build a new system and copy the data.
When another one should want to re-install certbot, then a warning not to purge might be a good idea.
I still like certbot very much, ran it manually when it just started on my local machine and copied the files to the server, specifically on this server it ran very smoothly.
Thanks anyway, as i said i made the mistake myself.