My question is about renewal. Since we have to move away from tls-sni-01 we want to use http-01.
In the changelog of the certbot client it says:
I thought this meant that all my existing certs would be renewed with the new default method: http-01. But it does not! In my logs (/var/logs/letsencrypt) I see that version 0.21.1 is renewing with the old method tls-sni-01 it was creating certificates in the first place.
Do all existing certs be renewed automatically with the http-01 method? With (perhaps a newer version of) certbot upon the renewal cronjob?