First, use certbot the way you normally would, but take out the domain you want deleted. This should give you a new certificate like example.com-000X.pem

Update Nginx with the new .pem files. Now you have an old, unused certificate that’s no longer needed. It’s very important to delete that old certificate because it will break your auto-renewals!

List all the certificates we have.

certbot certificates

Then delete the old, unwanted certificate.

certbot delete --cert-name the-cert-name

Found this solution in the comments here – https://www.jeffgeerling.com/blog/2016/remove-single-certbot-letsencrypt-certificate-server