I ran into a problem with cert renewal (when I was testing my automatic CloudFrontThing), I wasn’t able to determine where the certificates generated by the Let’s Encrypt client were going to be stored when getting a certificate for multiple domains. s I examinated the source code and discovered there are some arguments I can pass to specify exactly where the files should go:

--cert-path=.../cert.pem
--chain-path=.../chain.pem
--fullchain-path=.../fullchain.pem
--key-path=.../privkey.pem