Reposting this as it was never addressed and now locked:
It would be great if the .org, docs, or this site kept an (updated) recommended configuration file for various web servers (e.g. which protocols/etc should be enabled). This could probably mirror what certbot is automating, but surfacing it in a way that people using ‘certonly’ or those interested in the configuration specifics can reference.
That requires someone to have a working knowledge of Python – which certbot is written in and not guaranteed to the target audience of end-users.
A large number of posts in this forum, and on StackOverflow, have to do with people asking for information like this.
The information could be centrally tracked/managed (within certbot, elsewhere?) and exposed in a readable format to end-users as part of build scripts.