This setup uses the --http-01-port=8888 switch to direct the ACME response to a different port. I learned that -http-01-port has been removed from current certbot releases.
Is there a replacement command to use a different port instead of the standard “80” which is claimed by haproxy in our case? I could not find any up-to date setup examples online, there are only outdated recommendations from 2018 and older …
My web server is (include version): apache 2.4 and haproxy 2.1 (haproxy handles p. 443 requests and acts as ssl accelerator in front of unencrypted apache vservers
The operating system my web server runs on is (include version): ubuntu 18.04 LTS
My hosting provider, if applicable, is: hetzner.de, root server with full control (shell access)
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0
Also, the guide you've used isn't very truthful at moments. For example:
Interestingly, if HAProxy is listening on port 443, LetsEncrypt may attempt to authorize over it. So, when we create a new certificate, we need HAProxy to only be listening on port 80 .
That's not true. If using the http-01 challenge, Let's Encrypt will try to connect on port 80 only. If the result of that query is a redirect to a HTTPS location, yes, of course Let's Encrypt will connect to port 443 (because HTTPS...). But it will never start with that. It's up to the system administrator to get his affairs in order if he thinks Let's Encrypt does something like that.
Therefore, there's no need for HAProxy to "only listen to port 80" during certificate issuance or renewal... That's just not true. If there's a redirect however, and you don't have HAProxy configured to map requests to /.well-known/acme-challenge/ to certbot on HTTPS, well, you'll just have to bypass the redirect for those requests.