Sure, so it seems this might be the issue:
the command certbot certificates returns:
sudo certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewal configuration file /etc/letsencrypt/renewal/davidfrick.xyz.conf produced an unexpected error: expected /etc/letsencrypt/live/davidfrick.xyz/cert.pem to be a symlink. Skipping.
Renewal configuration file /etc/letsencrypt/renewal/mail.frick.blog-0001.conf produced an unexpected error: expected /etc/letsencrypt/live/mail.frick.blog-0001/cert.pem to be a symlink. Skipping.
Renewal configuration file /etc/letsencrypt/renewal/mail.frick.blog-0002.conf produced an unexpected error: expected /etc/letsencrypt/live/mail.frick.blog-0002/cert.pem to be a symlink. Skipping.
Renewal configuration file /etc/letsencrypt/renewal/mail.frick.blog-0003.conf produced an unexpected error: expected /etc/letsencrypt/live/mail.frick.blog-0003/cert.pem to be a symlink. Skipping.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
Certificate Name: mail.frick.blog
Serial Number: <removed>
Domains: mail.frick.blog david.frick.blog frick.blog www.david.frick.blog www.frick.blog
Expiry Date: <Not expired>
Certificate Path: /etc/letsencrypt/live/mail.frick.blog/fullchain.pem
Private Key Path: /etc/letsencrypt/live/mail.frick.blog/privkey.pem
The following renewal configurations were invalid:
/etc/letsencrypt/renewal/davidfrick.xyz.conf
/etc/letsencrypt/renewal/mail.frick.blog-0001.conf
/etc/letsencrypt/renewal/mail.frick.blog-0002.conf
/etc/letsencrypt/renewal/mail.frick.blog-0003.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
So it does seem like something happened with copies of keys or something.
Is there a way to clean this up?