I’m still trying to sort this out.
On my Ubuntu 20.04 server, I’m running Webmin and Virtualmin to manage my primary domain and sub-domains. Apache is running on this system.
There is a Letsencrypt module in Virtualmin that fetches certificates for these sites.
The certificates (ssl.cert and ssl.key) are stored in /home/username/ and the websites are at /home/username/public_html/. The conf files for Apache point to these locations for 443.
HA certs are found at /usr/share/hassio/ssl.
In the past, the only way I’ve been able to get HA to use SSL is to manually copy the contents of ssl.cert to fullchain.pem and ssl.key to privkey.pem.
When letsencrypt automatically renews, I end up with a mismatch and HA quits loading via my domain name (https://domain.com:8123).
Is this expected behavior for a Name Server which is a public server?