I was able to enable SSL and secure both of them. Now I have added HA using PCS and the floating IP is also resolved to a domain name "example3.test.co.uk" and currently pointing to "example1.test.co.uk" as it is the primary.
In "example1.test.co.uk", I have modified the configuration files under /etc/apache2/sites-available/ by adding the "example3.test.co.uk" as a servername and then ran a certbot --apache command. It sometime shows "example1.test.co.uk" and "example3.test.co.uk" and when I choose the first one, ti install the certificates and I see the https is enabled for it but when I choose "example3.test.co.uk" which is for the floating ip, it doesn't work. Am I missing anything here? Please guide me
Is there a forum for HA / PCS that could help? This seems more like a system configuration issue and others using that combination have probably already dealt with this.
I am not familiar with that setup and I can only guess at what you mean by "floating IP".
But, a couple things ...
The --apache plugin uses the HTTP Challenge. If you request a cert for example3 the LE auth server looks up the IP in the public DNS and sends an HTTP challenge request to it. That domain (IP) must reply with the proper challenge token created by Certbot.
Saying "it doesn't work" isn't very helpful for us to debug. What, exactly was the error
Keep in mind a cert request can fail or take an unusually long time. If these are essentially hot backups make sure your strategy does not rely on getting a fresh cert when one takes over. Because the request may fail. They should always have a viable cert ready to go.