When I add a vhost subdomain, like foo.bar.com, letsencrypt creates the cert for apex, not the subdomain. Have a look at https://hemma.wjk.se What am I doing wrong here?
See https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/ for troubleshooting steps. I believe there is a checkbox to exclude a subdomain from the certificate, but can't verify right now - you might look for that option though and see if it's checked.
Hi, thanks for your reply. A cert is created, but not for the subdomain, it is created for the apex, that is, wjk.se in this case. If you look at the certificate, you will see it is certified to wjk.se. But. now when I look at it again, it says the cert is assigned to our generic autoconfig subdomain. I have installed Shaals autmail after I posted the thread. Hm, this is starting to get complex, will uninstall automail so this case is clean and nice.
Go through the FAQ. I think the cert is not issued, but you see the cert of the first domain in the list.
Yes, you are right, its the first domain that is shown. I re-created the subdomain now, and now the cert is ok. Need to dig in to this further to fully understand.
When SSL is disabled or there is no valid cert, the first vhost with ssl enabled is selected. That's default apache behaviour.