If you stick the certificate where the NGINX inside the container expects it to be (where the zero-length certs are now, you can conceivably just restart the container (or maybe sv restart nginx inside the container, but it might be sv nginx restart I can never quite remember). The supported solution is to use Let’s Encrypt, so you’ll need to look at the docs linked above and/or the configuration of the container as it is to figure that out. (And I had a site that ran up against rate limits last week myself!)
This was the final solution Jim! Having multiple domains allowed us to issue the new certificate again!
It also works nicely with discourse as they act like aliases - which is very convenient as well!
@pfaffman reload worked all fine - we just had to issue both certificates for rsa key and ecc key and then install them with acme.sh first
The whole initial problem was caused by not working Ipv6 support in discourse that prevented the let’s encrypt certificates from renewal. We had a AAAA dns record but discourse didn’t reply on the Ipv6 address and certificates failed to renew.
After removing the AAAA record it went all ok.
I do hope discourse will will improve their Ipv6 support - there are many issues reported with let’s encrypt and ipv6 and the only solution is to remove the AAAA record @codinghorror
It’d be great if you could create a new topic to debug this. Discourse fully supports IPv6. Meta works over IPv6, as do all our hosted sites. I’ve run multiple self-hosted sites with IPv6 working too. All have working SSL via Let’s Encrypt.