EasyEngine's version is lame because it only supports one domain name.
This is the shell script I have in the root of my server so I can run it whenever I need to update the cert:
#! /bin/bash
# Clean-up challenge directories
sudo rm -rf /var/www/root.russellheimlich.com/htdocs/.well-known/acme-challenge
# Stop Redis server to free up memory
sudo ee stack stop --redis
# Run Lets Encrpyt
/opt/letsencrypt/letsencrypt-auto certonly --webroot -w /var/www/root.russellheimlich.com/htdocs/ -d root.russellheimlich.com -d zadieheimlich.com -d v1.zadieheimlich.com -d russellandkristina.com -d www.russellandkristina.com -d tweets.kingkool68.com --email myemail@gmail.com --text --agree-tos
# Start Redis again
sudo ee stack start --redis
# Restart Nginx
sudo ee stack reload --nginxI also have this in /var/www/root.russellheimlich.com/conf/nginx/ssl.conf
listen 443 ssl http2;
# ssl on;
ssl_certificate /etc/letsencrypt/live/root.russellheimlich.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/root.russellheimlich.com/privkey.pem;
if ($scheme = http) {
return 301 https://$host$request_uri;
}The last conditional there redirects any http traffic to https at the server level. You wouldn't want to do this if some of your sites in the multisite network are only available via http.
Also after you make any changes don't forget to restart nginx for them to take effect by doing sudo ee stack restart --nginx