My domain is: cms.stonefist.net
My web server is (include version): Apache 2.4.29
O/S: Ubuntu 18.04 LTS
I am self-hosted with full access to root shell.
I run a small web app for a few dozen people on my registered domain. I use dynamic DNS and point my dynamic DNS server name to my domain via my registrar. So cms.stonefist.net is a CNAME for example1.ddns.net.
I use port forwarding of SSL only through my firewall to the internal server that uses virtualhosts to map the requested connection to the correct Apache root directory. So cms.stonefist.net goes to its own home area and beta.stonefist.net goes to its own home area, etc.
I purchased a 3-year cert from Comodo about 2 years ago and installed it so that my users would no longer get the dreaded ‘not safe…’ messages.
Ok, finally my question. I followed the certbot installation instructions on a different server on my local domain. I found out I needed to open port 80 (which I did, and forwarded it to this second server). All installed ok and the dry run renewal went fine. If I install the certbot on my production box, how do I manage the Comodo license already installed? Do I need to do anything at all? I have multiple virtualhosts with different domains. Will these all get certificates? And can I then turn off port 80 forwarding or will this be needed for anything else?
I just can’t afford to lose user connectivity and a usable certificate. And I port forward all SSL traffic to my one production server through the firewall.
Thank you for considering my questions/rambling.