Forcing everyone to use automation sounds like a great idea. I am sure it is by design.
I’d say the easiest way out is to use the Caddy web server, which can take care of the certs all by itself.
You don't need to be a professional sysadmin to deal with this - so long as the software you use isn't ass. Nginx will _finally_ get this ability in the next release (and it'll still be more configuration than caddy, that just defaults to the sane thing)...
you make it sound like setting up automated renewals is an onerous process. IME it takes about the same amount of time to set up the automation according to the directions as it does to manually renew the certs with an ACME client. the only difference is you're pasting a command into a crontab/timer instead of directly into your shell to execute.
The problem isn't that it's hard to set up. It's that it adds another thing that I have to monitor for failures and troubleshoot when it breaks. For a small hobby site, I might go longer than 47 days without looking at it.
I run a couple of low-stakes websites just for fun and manually updating certificates takes me about 10 minutes a year, and most of that is remembering how to generate the csr. Setting up an automated process gains me nothing except additional points of failure. Ratcheting the expiration down to 47 days is an effort to force everyone to use automation, which makes no sense for small hobby sites.
> I'm not sure why many people are still dealing with legacy manual certificate renewal
Not everyone is a professional sysadmin. Adding automation is another layer of complexity on top of what it already takes to run a website. It's fine for large orgs and professionals who do this for a living at their day jobs, but for someone just getting their feet wet it's a ridiculous ask.