There is also the “certificate expiry integration” that can be installed. You would give it the URL of the Home Assistant server it is running on. Then you can import this blueprint:
When you create the automation you tell it how many days in advance you want it to run. I think the default is 5. So the automation is set to run everyday, the cert expiry integration tracks the expiration of the certificate. When the threshold is met it will run the renewal.