The operating system my web server runs on is (include version): linux
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.38.0
I’m struggling to find a reference for the renewal configuration files. I’ve been using a standalone configuration so far, but I would like to move to webroot, and I can’t find any official documentation on the configuration and what I need to change to achieve that (such as how to provide the webroot path).
Is there an official reference on the configuration options inside renewal directory?
That’s a good point. I don’t think the Certbot developers intended for people to modify that file manually, to be honest. A lot of the options have surprising names that do not match the CLI arguments, so you can easily mess things up.
This is bad advice because it forces a certificate renewal, but you can apply these changes using an interactive method.
First, confirm that the method works with a dry-run:
certbot renew --cert-name example.com -a webroot -w /path/to/webroot \
--dry-run
If that succeeds, force a real renewal, which will also happen to update your configuration file for you:
certbot renew --cert-name example.com -a webroot -w /path/to/webroot \
--force-renewal
An alternative option would be to issue a new certificate using the staging environment, examine the options saved in its renewal file, copy them, and delete the staging certificate.