Ubuntu 22.04.2
Apache 2
They are hosted at my house on an HP Server.
The server has the latest LAMP components for Wordpress 6.1.1. I am using Apache 2, PHP 8.2, Mariadb. My Godaddy SSL certificate support HSTS. I have 10 name certificate for the virtual host web sites. I have two different domain web sites. scsiraidguru.com has multiple sub domain web sites. Will this be a problem with Let's Encrypt. Can certbot be setup to autorenew every 80 days? I read the docs so far I don't see an issue. What do I need to do not to have SSL issues.
The default is to renew immediately after 60 days.
In effect, every 60 days.
The goal is to have everything automated so that it never drops below 30 days left.
Automation can be done in several different ways.
The simplest being HTTP-01 authentication.
If your sites can be reached via port 80 [HTTP], then that would be my first choice.
Again, if you are new to the ACME protocol and/or the client chosen, then you should do all your testing in the staging environment first.
I'm a little bit puzzled. Your HP server runs at your own premise. But you also speak about GoDaddy, which is a large hosting provider. Is GoDaddy only related to a TLS certificate you've bought of of them? Or is GoDaddy related in any other means?
Also, support for HSTS is on a webserver level, not on a certificate level. So I also don't understand the phrase "My Godaddy SSL certificate support HSTS.", could you perhaps explain a little bit more?
I have a single 10 name SSL from Godaddy that all virtual hosts on this server uses. Multiple web sites configured on this single server. I am still reading through all the documentation for an Apache2 Ubuntu configuration for Let's Encrypt.
Not sure what Apache2 and Ubuntu have to do with your choice of certificate? A TLS certificate is a TLS certificate. Let's Encrypt supports up to 100 hostnames in the SAN extension. (Or a wildcard cert if you'd want to and it's feasible with regard to the dns-01 challenge.)
There are many, MANY ACME clients out there, some will work on Ubuntu and a lot of other Linux distributions (e.g. Certbot), others work on Windows. Some only require Bash and OpenSSL..
Also, the version of TLS is also a webserver configuration thing and is independent of the TLS certificate.
Edit:
Ah, at the top of your first post you mention you're running Ubuntu. So that's where Ubuntu came from. Note that Let's Encrypt is a CA offering certs through an ACME endpoint and there are ACME clients as said above, such as Certbot. Those are distinct entities. There are also other (free) CAs offering certs using an ACME endpoint for example and you could use the same ACME client to get a cert of those CAs too. It's important to see the difference between an ACME server and ACME client.
Please don't use relatively random guides on the internet, such as the one you've found. More often than not they're severely outdated, such as the one you've found. It's using apt for installing Certbot whereas the currently prefered method of installing Certbot is using snapd.
Please see https://certbot.eff.org/ for more information about Certbot, including up to date guide of installing the application.
When you say "it forces" ... What exactly is forcing (and how)?
As written, that seems to be in the reverse direction.
ACME challenge requests use HTTP to reach the server.
[that can be redirected to HTTPS]
I don't think that HSTS preload registration is relevant within the ACME protocol specification.
BTW there is CAA recode blocking certificate reqeust anything other than godaddy on scsiraidguru.com
remove it before get certificate from any other CA
