[root@streisand]# cat > /etc/letsencrypt/renewal-hooks/deploy/01-reload-nginx.sh << EOF
#!/bin/sh
systemctl reload nginx
EOF
[root@streisand]# chmod u+x /etc/letsencrypt/renewal-hooks/deploy/01-reload-nginx.sh
If your cert was already auto-renewed (unlikely given the timeline), you'll also need to run systemctl reload nginx to serve the new cert, since the deploy script wasn't present when certbot ran the renewal.