Add all the blocked domains from the Pi-hole lists as alternate name in your cert ... joking
EDIT: You could add a virtual IP dedicated for Pi-hole (another socket) so that leaves the primary IP to dedicated web site hosting.
Top bit @ below post of mine explains how:
