I assume you’re using Certbot?
If you add domains, Certbot will offer to use the same directory. For example, if you run “
certbot -d example.com” and then “
certbot -d example.com -d www.example.com”, it will offer to save it in the
example.com directory, replacing the original certificate.
You may want to do that, since a wildcard certificate for
*.example.com does not include
example.com on its own.
You can also use the
--cert-name option to set its name even if it isn’t a superset of an existing certificate. In the example above, you could use “
certbot --cert-name example.com -d www.example.com” to get a certificate for
www.example.com and save it over your previous