Right, I'm using the official one, I thought I saw somewhere that CertBot 1.0 had been released late last year, so I thought this 0.40 version was old. I'm new to using all of this, so my mistake 
I removed a few things that looked like they might be sensitive
2020-03-08 11:55:41,643:DEBUG:certbot.main:certbot version: 0.40.0
2020-03-08 11:55:41,643:DEBUG:certbot.main:Arguments: ['--nginx', '--agree-tos', '--redirect', '--hsts', '--staple-ocsp', '--email', '', '--domain', 'earnom.adenansu.com']
2020-03-08 11:55:41,643:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-03-08 11:55:41,654:DEBUG:certbot.log:Root logging level set at 20
2020-03-08 11:55:41,654:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-03-08 11:55:41,655:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2020-03-08 11:55:41,655:DEBUG:certbot.plugins.selection:No candidate plugin
2020-03-08 11:55:41,655:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None
2020-03-08 11:56:13,586:DEBUG:certbot.main:certbot version: 0.40.0
2020-03-08 11:56:13,587:DEBUG:certbot.main:Arguments: ['--nginx', '--agree-tos', '--redirect', '--hsts', '--staple-ocsp', '--email', '', '--domain', 'earnom.adenansu.com']
2020-03-08 11:56:13,587:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-03-08 11:56:13,605:DEBUG:certbot.log:Root logging level set at 20
2020-03-08 11:56:13,605:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-03-08 11:56:13,606:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2020-03-08 11:56:13,800:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7efd86a7f340>
Prep: True
2020-03-08 11:56:13,801:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_nginx.configurator.NginxConfigurator object at 0x7efd86a7f340> and installer <certbot_nginx.configurator.NginxConfigurator object at 0x7efd86a7f340>
2020-03-08 11:56:13,801:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2020-03-08 11:56:13,805:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/80036369', new_authzr_uri=None, terms_of_service=None), c8e806da10ef2da1ece77df462d13da2, Meta(creation_dt=datetime.datetime(2020, 3, 8, 6, 50, 35, tzinfo=), creation_host='dispenser'))>
2020-03-08 11:56:13,806:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2020-03-08 11:56:13,808:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2020-03-08 11:56:14,097:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2020-03-08 11:56:14,097:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 08 Mar 2020 18:56:14 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"A1TuAWRdbTM": "Adding random entries to the directory",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2020-03-08 11:56:14,098:INFO:certbot.main:Obtaining a new certificate
2020-03-08 11:56:14,194:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0010_key-certbot.pem
2020-03-08 11:56:14,197:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0010_csr-certbot.pem
2020-03-08 11:56:14,198:DEBUG:acme.client:Requesting fresh nonce
2020-03-08 11:56:14,198:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2020-03-08 11:56:14,265:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2020-03-08 11:56:14,266:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 08 Mar 2020 18:56:14 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0001349JpF30x9WkjtXpXJMkJR12oum32uCNv6Z-GTtHmps
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2020-03-08 11:56:14,266:DEBUG:acme.client:Storing nonce: 0001349JpF30x9WkjtXpXJMkJR12oum32uCNv6Z-GTtHmps
2020-03-08 11:56:14,266:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "earnom.adenansu.com"\n }\n ]\n}'
2020-03-08 11:56:14,270:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "",
"signature": "",
"payload": ""
}
2020-03-08 11:56:14,341:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 339
2020-03-08 11:56:14,342:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Sun, 08 Mar 2020 18:56:14 GMT
Content-Type: application/json
Content-Length: 339
Connection: keep-alive
Boulder-Requester: 80036369
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/80036369/2577298128
Replay-Nonce: 0001k3n1YibNjV-IEyvFBanRC7i_ab40p8vU_EvVv8DnmlE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2020-03-15T06:50:49Z",
"identifiers": [
{
"type": "dns",
"value": "earnom.adenansu.com"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/3231562998"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/80036369/2577298128"
}
2020-03-08 11:56:14,342:DEBUG:acme.client:Storing nonce: 0001k3n1YibNjV-IEyvFBanRC7i_ab40p8vU_EvVv8DnmlE
2020-03-08 11:56:14,342:DEBUG:acme.client:JWS payload:
b''
2020-03-08 11:56:14,346:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/3231562998:
{
"protected": "",
"signature": "",
"payload": ""
}
2020-03-08 11:56:15,087:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/3231562998 HTTP/1.1" 200 797
2020-03-08 11:56:15,088:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 08 Mar 2020 18:56:15 GMT
Content-Type: application/json
Content-Length: 797
Connection: keep-alive
Boulder-Requester: 80036369
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: 0002kda-JKbEe9vRIQbquLpF8m7zZkHFIr5zbMhgjDFM094
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "earnom.adenansu.com"
},
"status": "pending",
"expires": "2020-03-15T06:50:49Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/3231562998/cXSq9Q",
"token": ""
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/3231562998/_P00-g",
"token": ""
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/3231562998/T-Zxrg",
"token": ""
}
]
}
2020-03-08 11:56:15,089:DEBUG:acme.client:Storing nonce: 0002kda-JKbEe9vRIQbquLpF8m7zZkHFIr5zbMhgjDFM094
2020-03-08 11:56:15,089:INFO:certbot.auth_handler:Performing the following challenges:
2020-03-08 11:56:15,090:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in
load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1382, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1132, in run
new_lineage = _get_and_save_cert(le_client, config, domains,
File "/usr/lib/python3/dist-packages/certbot/main.py", line 121, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 417, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 348, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 396, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 62, in handle_authorizations
achalls = self._choose_challenges(authzrs)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 206, in _choose_challenges
self._get_chall_pref(authzr.body.identifier.value),
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 221, in _get_chall_pref
plugin_pref = self.auth.get_chall_pref(domain)
File "/usr/lib/python3/dist-packages/certbot_nginx/configurator.py", line 1110, in get_chall_pref
return [challenges.HTTP01, challenges.TLSSNI01]
AttributeError: module 'acme.challenges' has no attribute 'TLSSNI01'
2020-03-08 11:56:15,092:ERROR:certbot.log:An unexpected error occurred:
Edit: I'm not mentioning that challenge in my config, as far as I'm aware.
I started off this attempt by following this how-to: How to Install Subsonic Media Server on Ubuntu 18.04, 19.04 and Enable HTTPS