I am providing my own CSR file, which means my certs are not output into the typical /etc/letsencrypt directories. I run this command:
letsencrypt certonly --webroot --csr MY-OWN-CSR.csr -w /var/www/html -d www.mydomain.com
(you’ll also notice I’m running an older version of certbot, known as letsencrypt, because I’m on an old version of Ubuntu)
So, my certs are output into the local directory. I’m wondering, since the certs are output to local directory instead of the standard /etc/letsencrypt directories, then will letsencrypt be able to do auto-renewal, or will it be unable to find the existing certs to tell whether they are expired?
Also, outputting the files into the local directory just seems like a bad place to keep them… I could have hundreds or thousands of certs, all sitting in this single directory. If letsencrypt renewal will work by finding the certs in the local directory, is there an way to tell it to look in a different directory, so that I can organize my certs a little better?