DAITEI's blog

  $ sudo certbot certonly --apache --agree-tos -m $(MYEMAIL) -d $(MYNAME1) -d $(MYNAME2) -d $(MYNAME3) -d $(MYNAME4)
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/$(MYDOMAIN1).conf)

It contains these names: $(MYDOMAIN1), $(MYDOMAIN2)

You requested these names for the new certificate: $(MYDOMAIN1), $(MYDOMAIN2), $(MYNAME3), $(MYNAME4)

Do you want to expand and replace this existing certificate with the new certificate?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(E)xpand/(C)ancel: E
Renewing an existing certificate for $(MYDOMAIN1) and 3 more domains

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/$(MYDOMAIN1)/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/$(MYDOMAIN1)/privkey.pem
This certificate expires on 20xx-xx-xx.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  $ sudo systemctl restart apache2

  $ sudo apt install snapd

  $ sudo snap install core
  $ sudo snap refresh core

  $ sudo snap install --classic certbot
  $ sudo ln -s /snap/bin/certbot /usr/bin/certbot

  $ sudo certbot certonly --apache -d $(MYNAME1) -d $(MYNAME2) --agree-tos -m $(MYEMAIL)
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
最初の証明書が正常に発行されたら、Let's Encrypt プロジェクトの創設パートナーであり、
Certbot を開発する非営利団体である Electronic Frontier Foundation と電子メール アドレスを共有してもよろしいですか? 
ウェブを暗号化する取り組み、EFF ニュース、キャンペーン、デジタルの自由をサポートする方法についてメールでお知らせします。
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: N
Account registered.
Requesting a certificate for $(MYNAME1) and 1 more domains

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/$(MYNAME1)/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/$(MYNAME1)/privkey.pem
This certificate expires on 20xx-xx-xx.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
 * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 * Donating to EFF:                    https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

...
  SSLCertificateFile    /etc/letsencrypt/live/$(MYNAME1)/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/$(MYNAME1)/privkey.pem
...

  $ sudo systemctl restart apache2

  $ systemctl list-timers | grep certbot
Fri 20xx-xx-xx 08:33:00 JST 16h left      n/a                         n/a        snap.certbot.renew.timer     snap.certbot.renew.service

  $ openssl x509 -text -noout -in FILENAME.pem

  $ openssl rsa -text -noout -in FILENAME.pem

  $ openssl req -text -noout -in FILENAME.pem