Certbot failed to renew certificate to all domains hosted in a particular server. While most of the servers shoot the bot to acquire the certificate, it bug me why some didn't when they have the same setup. I guess because a domain or two in those failed servers are using premium SSL, but I am not sure honestly.
Fortunately, doing the renewal manually from the command line is a sure fire. You will just miss the convenience of automated renewal where you just put it there and forget. Here are the codes:
sudo systemctl stop nginx certbot certonly --rsa-key-size 2048 --standalone --agree-tos --no-eff-email --email email@example.com -d www.example.com sudo systemctl start nginx
The 2nd line of the code above will launch the renewal procedure. Good luck.