Let's Encrypt Support

Let’s Encrypt has deprecated the TLS-SNI-01 validation method. That’s automatically not used for latter versions of Certbot: 0.28+ The trouble is that I prevent certbot from self-upgrades on casual runs. So you’ll need to update it manually on your servers.

sudo /srv/primero/letsencrypt/certbot-auto renew -n --pre-hook "service nginx stop" --post-hook "service nginx start"

This is only relevant if you are running your own servers though i think. If you are using chef it should work automatically