Hi @slnm,
If you update to Certbot 0.28.0 or later, the Apache plugin will already prefer HTTP-01 over TLS-SNI-01 for renewals.
As of Certbot 0.21.0, the Apache plugin is capable of falling back to HTTP-01 when TLS-SNI-01 isn't available.
So, you might not need to change plugins at all as long as your Certbot is recent enough. You can test the renewal behavior of post-0.21.0 but pre-0.28.0 versions of Certbot after the TLS-SNI-01 challenge goes away by renewing with --preferred-challenges http (also adding --force-renew if your certificate isn't due for renewal yet¹).
If you do need to change plugins, you can change them by editing the renewal configuration file in /etc/letsencrypt/renewal, or by performing a single renewal using the new plugin via certbot certonly. (In the latter case, your plugin preference is saved automatically for future renewals.)
In all of these cases, once you've got a working plugin for issuance, you can continue to renew using only certbot renew in your crontab. Certbot does not require you to specify the plugins or renewal method in crontab, because all related preferences are already saved in /etc/letsencrypt/renewal for each Certbot-issued certificate on the system. certbot renew uses the preferences there for each renewal attempt.
¹ If you just want to know whether this would work in the future and don't want to reissue the certificate yet, you can also add --dry-run to simulate the effects using the Let's Encrypt staging server, without saving the resulting test certificate at all.
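
The version thresholds described in the post above, as an added example that is not part of the original post: a shell check that reads one renewal configuration file and reports how renewal should behave for a given Certbot version once TLS-SNI-01 is gone. It assumes the authenticator and pref_challs keys under [renewalparams]; the result labels and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: thresholds (0.21.0, 0.28.0) are from the post; labels are hypothetical.

# ver_ge A B: succeed when dotted numeric version A >= B (X.Y.Z form assumed).
ver_ge() {
  for i in 1 2 3; do
    x=$(printf '%s' "$1" | cut -d. -f"$i"); y=$(printf '%s' "$2" | cut -d. -f"$i")
    [ "${x:-0}" -gt "${y:-0}" ] && return 0
    [ "${x:-0}" -lt "${y:-0}" ] && return 1
  done
  return 0
}

# conf_get FILE KEY: value of the first "KEY = value" line in a renewal config.
conf_get() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | head -n 1
}

# classify VERSION FILE: expected renewal behaviour for this lineage.
classify() {
  auth=$(conf_get "$2" authenticator)
  prefs=$(conf_get "$2" pref_challs)   # assumed key holding saved challenge preferences
  if [ "$auth" != apache ]; then echo "not-apache-plugin"
  elif ver_ge "$1" 0.28.0; then echo "prefers-http-01"
  elif ver_ge "$1" 0.21.0; then
    case "$prefs" in
      *http*) echo "http-01-pinned-in-config" ;;
      *)      echo "falls-back-to-http-01" ;;   # verify with --preferred-challenges http --dry-run
    esac
  else echo "upgrade-or-change-plugin"
  fi
}

# Constructed sample of a file as found under /etc/letsencrypt/renewal (not a real lineage).
sample_conf() {
  printf '%s\n' '[renewalparams]' 'authenticator = apache' 'installer = apache'
}

conf=$(mktemp)
sample_conf > "$conf"
for v in 0.19.0 0.26.1 0.28.0; do
  printf 'certbot %s -> %s\n' "$v" "$(classify "$v" "$conf")"
done
rm -f "$conf"
```

On a real host, pass the version reported by certbot --version and each file in /etc/letsencrypt/renewal to classify.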