Hi @rful011,
Over in
you said that you've switched over to using --standalone. Certbot remembers what method you used to obtain your certificate and uses that same method during renewals.
A prerequisite for using --standalone is not having an existing process running that uses the port that you need for your authentication. (--apache, which you had trouble with earlier, does not have this restriction.) While Certbot doesn't inherently know how to stop and restart the existing process, there are --pre-hook and --post-hook options that you can use to tell it how to do so.
You could try something like
sudo certbot certonly --force-renewal --cert-name fulton.geek.nz -d fulton.geek.nz --standalone --pre-hook "service apache2 stop" --post-hook "service apache2 start"
If that works, then those options will be saved and will be used automatically in the future by certbot renew.