@hardeep and @luizbills, thanks for your comment. They really helped..
Want to add that if you buy a wildcard cert to use on a multi-site there are two steps.
First, update the path to the ssl certificate to point to the new wildcard cert here:
/var/www/YOUR-SITE/conf/nginx/ssl.conf
like this.
listen 443 ssl http2;
listen [::]:443 ipv6only=on ssl http2; #add ipv6 support
ssl on;
# ssl_certificate /etc/letsencrypt/live/YOUR-SITE/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/YOUR-SITE/privkey.pem;
ssl_certificate /PATH/TO/WILDCARD/CERT
ssl_certificate_key /PATH/TO/WILDCARD/KEYSecond, update here as mentioned above...
/etc/nginx/conf.d/force-ssl-YOURSITENAME.conf
Like this...
server {
listen 80;
listen [::]:80;
server_name YOURSITE.com *.YOURSITE.com;
return 301 https://$host$request_uri;
}