In my case, IIS is running a multi-tenanted platform which has many hundreds of domains. I am basically trying to automate the domain binding / encryption process as best as I can. So I was thinking that I could use the importcsv command to load a list of new domains into a server and then certify would create the bindings on the IIS site and then allocate the certificate.
btw - the New-WebBinding PowerShell works just fine without an existing certificate - if I run it manually for a specific host it creates a binding with no SSL (something that you can only do via PowerShell; not the UI).
I would alter the PowerShell to be in the PostDeployment and have it include the certificate but Letsencrypt won’t be able to verify the domain until after I have the binding on the server -