I think that's because of the use of --csr
. This command is rather "unique" and unfortunately the behaviour isn't (very well) documented. I wouldn't be surprised if certbot
doesn't even generate a renewal configuration file when a certificate is issued with --csr
. It would be very helpful if the behaviour of --csr
would be documented properly.
One of the ways to "renew" certificates issued with the --csr
command is to "re-issue" the certificate the same way as you issued it in the first place. I don't think certbot renew
will be useful at all, as there isn't a configuration file in /etc/letsencrypt/renewal/
for those --csr
certificates.