I just got an email letting me know that TLS-SNI-01 domain validation is going away. The user guide shows plugin options: https://certbot.eff.org/docs/using.html
I’ve been using the apache plugin as that’s the most convenient and is the only one that both authenticates and installs certificates on an Apache web server. Let’s say I switch to webroot to issue (but not install) a certificate. How does renewal work in these two cases?
I already have a certificate for the domain and the apache plugin updated my apache web server configuration already. What command do I put in my cron file to renew the domain when it’s about to expire?
I’m creating a certificate with the webroot plugin and editing web server conf files myself. What command do I put in my cron file to renew the domain when it’s about to expire?
The broader question is how do I efficiently create and renew certificates on dozens of CentOS Apache web servers.