The solution that I have used is to add a second hostname (e.g., www, but it could be anything) as suggested in Setting up Let’s Encrypt with Multiple Domains, but I believe that there have been some changes to the templates that cause those instructions not to work. What I did for another site a couple of days ago was to edit /etc/runit/1.d/letsencrypt and add -d newdomain in the places that you see -d realdomain. Then make sure that the new domain is pointed to your server and then run /etc/runit/1.d/letsencrypt.
You may also need to open port 80. My understanding is that it’s not needed when there is a valid cert, but you don’t have a valid cert, so I think it needs to read from port 80 to get things started. There is no downside to having port 80 open, as some people might try to access with http:// and if you have port 80 open they can be redirected to https.
I’ll work on updating those instructions, but I have a moving truck arriving tomorrow and should really be getting ready for that rather than posting on meta anyway. 
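As an added example that is not part of the original post: one way to script the edit described above so it is repeatable and keeps a backup. The function name `add_domain`, the hostnames, and the sample script lines are constructed for illustration and are not the real contents of /etc/runit/1.d/letsencrypt.

```shell
#!/bin/sh
# add_domain FILE REALDOMAIN NEWDOMAIN  (hypothetical helper, not part of Discourse)
# Appends "-d NEWDOMAIN" after every "-d REALDOMAIN" in FILE. The original is
# kept as FILE.bak. Running it twice changes nothing the second time.
add_domain() {
    file=$1; real=$2; new=$3
    # Accept plain hostnames only, so the values are safe inside the sed expression.
    for h in "$real" "$new"; do
        case $h in
            ''|*[!A-Za-z0-9.-]*) echo "invalid hostname: $h" >&2; return 2 ;;
        esac
    done
    # Escape dots so "example.com" does not also match "exampleXcom".
    real_re=$(printf '%s' "$real" | sed 's/\./\\./g')
    new_re=$(printf '%s' "$new" | sed 's/\./\\./g')
    # Already added: nothing to do.
    if grep -Eq -- "-d[[:space:]]+${new_re}([[:space:]]|\$)" "$file"; then
        return 0
    fi
    # Refuse to touch a file that does not mention the real domain at all.
    if ! grep -Eq -- "-d[[:space:]]+${real_re}([[:space:]]|\$)" "$file"; then
        echo "no '-d $real' found in $file" >&2
        return 1
    fi
    cp -p "$file" "$file.bak"
    # Writing through the redirect keeps the file's mode, so it stays executable.
    sed -E "s/(-d[[:space:]]+${real_re})([[:space:]]|\$)/\1 -d ${new}\2/g" \
        "$file.bak" > "$file"
}

# Demonstration on a constructed stand-in for the letsencrypt script.
demo() {
    tmp=$(mktemp)
    printf '%s\n' \
        'acme.sh --issue -d forum.example.com -w /var/www/public' \
        'acme.sh --install-cert -d forum.example.com --key-file /tmp/key.pem' \
        > "$tmp"
    add_domain "$tmp" forum.example.com www.example.com && cat "$tmp"
    rm -f "$tmp" "$tmp.bak"
}
demo
```

On a real server the call would be `add_domain /etc/runit/1.d/letsencrypt realdomain newdomain`, followed by a diff against the `.bak` copy before running the script.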