Config Apache with /etc/apache2/conf-available/le.conf
:
Alias /.well-known/acme-challenge/ "/var/www/html/.well-known/acme-challenge/"
<Directory "/var/www/html/">
AllowOverride None
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS
</Directory>
Enable config:
sudo a2enconf le
Install cert / renew cert:
certbot-auto certonly --non-interactive --register-unsafely-without-email --agree-tos --expand --webroot --webroot-path /var/www/html --domain my-domain.org
certbot-auto renew --webroot --webroot-path /var/www/html --no-self-upgrade
If you have changed the port of apache2, you need to change back to 80 port or certbot can't pass ACME verification.