I got no pb to renew certificate with certbot 0.35. No more the case with certbot 0.37.
After investigation, from Apache logs, it looks that challenge stored in directory /var/lib/letsencrypt/http_challenges cannot be verified from Internet because permissions are missing:
[Tue Sep 24 10:08:43.171287 2019] [core:error] [pid 6014] (13)Permission denied: [client 18.104.22.168:47916] AH00035: access to /.well-known/acme-challenge/nVPlFyGywdSRd5AVU-YdDNNatcIX4JwD8OdWZ0e9jzw denied (filesystem path ‘/var/lib/letsencrypt/http_challenges/nVPlFyGywdSRd5AVU-YdDNNatcIX4JwD8OdWZ0e9jzw’) because search permissions are missing on a component of the path
I ran this command:
certbot --apache --agree-tos -m "firstname.lastname@example.org" --no-eff-email --no-redirect --rsa-key-size 4096 --keep-until-expiring -d admin.kliflex.webcom.orange.com
It produced this output:
My web server is (include version): Apache
The operating system my web server runs on is (include version):CentOS 7.6