I have never used certbot. I have used the OpenBSD native acme-client with the native httpd server.
But OpenBSD developer Solene has an nginx configuration file for acme. See https://dataswamp.org/~solene/2019-0...ginx-acme.html
Maybe that helps.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump