CA Signed Cert Renewal - Is 'morpheus-ctl reconfigure' needed each time?

Our Morpheus Appliance uses a CA signed SSL Certificate, which the initial cert setup documents walk you through adjusting the morpheus.rb file and running morpheus-ctl reconfigure and then restarting nginx.

I’m looking to replace the manual steps with a post-renewal task in certbot. My question is, when replacing the certificate with a new one (same name, etc, just replacing an expiring one) is the morpheus-ctl reconfigure required to be run again, or can you just restart nginx? I wasn’t sure if the hash values of the priv/pub key pair were recorded or utilized anywhere that the reconfigure step updates.


– Ron