There’s no requirement to revoke the earlier certificates; if you’d like, you can just allow them to expire.
You might want to double check the rate limits at
to see if there are any that you would be in danger of hitting in your situation. (Revoking old certificates does not reset or affect the Let’s Encrypt rate limits.)
Assuming you’re not going to hit any rate limits by doing so, you can just issue a new certificate that covers all of your domains. The biggest problem that I see is simply that it may be confusing to have the old certificates and the new certificates around at the same time. In a future version of Certbot, there will be a “certificate manager” to help deal with situations like this, but it’s not done yet!
If you can delete the existing certificates without breaking your web server, you might want to do that. The safest approach might be something like
sudo mv /etc/letsencrypt /etc/letsencrypt.old so that you have a backup of your old certificates and keys, but they are no longer actively used by Certbot. However, that might cause problems with your web server configuration if the server is currently set up to use your existing Let’s Encrypt certificates.
I’m sorry for the limitations in existing versions of Certbot that can make this kind of situation a bit confusing.