This was the final solution Jim! Having multiple domains allowed us to issue the new certificate again!
It also works nicely with discourse as they act like aliases - which is very convenient as well!
@pfaffman reload worked all fine - we just had to issue both certificates for rsa key and ecc key and then install them with acme.sh first
The whole initial problem was caused by not working Ipv6 support in discourse that prevented the let’s encrypt certificates from renewal. We had a AAAA dns record but discourse didn’t reply on the Ipv6 address and certificates failed to renew.
After removing the AAAA record it went all ok.
I do hope discourse will will improve their Ipv6 support - there are many issues reported with let’s encrypt and ipv6 and the only solution is to remove the AAAA record @codinghorror