Generated a new cert using the DNS challenge:
certbot -d www.example.com --manual --preferred-challenges dns certonly
I added a new TXT record to the dns zone per the Let’s Encrypt instructions:
TXT _acme-challenge.www.example.com
I also added a cronjob to check for a certificate renewal every day:
/etc/cron.daily/certbot-renew-tls-certificate
#!/bin/bash
/usr/bin/certbot renew
exit 0