I'm not using the automatic configuration/install features of certbot because the apache2 of the particular system is running inside a chroot and the webroot pathes in the vhost configuration files are relative to the chroot directory.
I run something roughly like this:
certbot certonly --webroot -w /var/jail/page -d domain.tld -w /var/jail/page2019 -d event2019.domain.tld -w /var/jail/page2020 -d event2020.domain.tld -w /var/jail/page2021 -d current-event.domain.tld -d event2021.domain.tld
The call is actually composed by a script because there are much more subdomains then this.
Now, when I removed the "-d current-event.domain.tld" option, because I switched to a 301 forwarding, it created a completely new certificate "domain.tld-0001". I can understand that this might be the obvious behaviour. For me however, it is very inconvenient and I would really like to prevent that from happening.
Is there maybe an option to set the output cert name and overwrite any existing cert??? That would be most helpful for me now, because then I could overwrite the old "domain.tld" certificate and wouldn't have to adjust the apache config files.
If not, can I force renew instead of obtain for the next time?
Edit: fixed some typos and stuff