Just got to this part of my multisite journey and was able to figure it out without a complete reprovision. Here’s what I did:
- SSH to remote.
- $ sudo rm -rf /var/lib/letsencrypt /usr/local/letsencrypt /srv/www/letsencrypt /etc/nginx/ssl/letsencrypt /etc/ssl/certs/lets-encrypt-x3-cross-signed.pem
  which should remove all remnants of the existing certificates.
- On local machine in your Trellis project dir run
  $ ansible-playbook server.yml -e environment=<YOUR_ENV_NAME> --tags "letsencrypt"
  which should generate new certificates.
- It wasn’t necessary on my setup, but power cycling your remote may be necessary in some cases:
  $ sudo shutdown -r now
After that my main domain and subdomain were all super green.