- Enable TCP:443 access to the server from the internet
- Check local IPTABLES fw access for public TCP:443 access too
- SSH into the server and run the following command:
sudo certbot — –force-renewal -d <certname here>
ref: https://certbot.eff.org/docs/
ref: https://certbot.eff.org/docs/