Thanks again, @pfg. With the aid of your reply, I think I now better understand what certbot was trying to do during my last attempt at running it (in the command shown in my original post), and your reply makes it clear to me that I should indeed be using the manual plugin only as below:
# certbot certonly --manual --test-cert -d example.com
But at Getting Starged, I read under the "Limits on usage" section:
Let’s Encrypt will issue a limited number of certificates each week. See this
thread for the latest numbers. If you are trying out certbot for the first time, you may
want to use the --test-cert flag, and a domain name that does not receive live
traffic. This will get certificates from our staging server. They won’t be valid in
browsers, but otherwise the process will be the same, so you can test a variety of
configuration options without hitting the rate limit.
So I guess that if I need to demonstrate ownership of any domain that I attempt to make a Let's Encrypt certificate for (even if I use the
--test-cert fllag), then the above guidance "...use the
--test-cert flag, and a domain name that does not receive live traffic." must still be for a domain that I own or control. Is that correct?
If so, then with a limit of "This is limited to 5 certificates per FQDN set per week.", I think I need to make sure I really understand what I'm doing before attempting to do it for the domain that I'm trying to secure with a Let's Encrypt certificate.