Thanks for the reply and the link.
On our server that does not work, since some of the certificates are for fail-over use (after changing DNS records). So, we could only verify those certificates by DNS or HTTP by switching real operations to the failover server. Will not do that until it is really needed (hopefully never).
Surely there must be a “letsencrypt” or “certbot” command to list all certificates with their validation methods, or instructions where to find some configuraiton file. This is completely missing in the step-by-step instructions for how to deal with the “TLS” method no longer going to be supported. Are we somehow using the “TLS” method or not?