Indeed, Certbot is internally using the same OpenSSL code as the openssl req, openssl rsa, etc., commands (in the course of generating new keys and requesting a certificate from the certificate authority). But in a way that users never see at all. 
1 Like