I am postponing the Apache plugin issue (CentOS is not Certbot friendly) and requesting a standalone, generic certificate. After the command "1: Spin up a temporary webserver" I have the following 2 files in the folder /etc/letsencrypt:

-rw-r--r-- 1 root root 924 Nov 12 11:14 csr/0000_csr-certbot.pem
-rw------- 1 root root 1708 Nov 12 11:14 keys/0000_key-certbot.pem

The "key" is probably a direct replacement for the file in the distribution. What about the "csr" file? It seems to be a request, not the certificate itself.

TIA