I’ve found the --apache mode just too much trouble. It didn’t try to fix the existing conf file but added a new 000*.conf one. Now that I know the 3 (important) lines it needs to add/alter in your conf file I changed them myself and just run
#!/bin/sh sudo service apache2 stop /opt/letsencrypt/letsencrypt-auto certonly --standalone --email email@example.com --agree-tos -d `hostname` sudo service apache2 start
once to start and every month from a crontab. Hopefully this will work for renewing the certs and won’t run into any “rate limiting” problems when all the crontabs run at the same time each month.