On Wed, 14 Sep 2022 19:19:05 +0200
Pablo Rodriguez via ntg-context
https://lmtx.pragma-ade.nl, https://pragma-ade.nl and https://pragma-ade.com seem to use a certificate that is only valid for https://lmtx.pragma-ade.com (according to Firefox).
Correct. This is a misconfigured webserver, so the error is valid.
Each domain (and subdomain) requires its own certificate.
That's not quite correct AFAIK. Let's encrypt supports wildcard certificates, so lmtx.pragma-ade.nl and pragma-ade.nl could be covered by the same certificate. And each certificate can also cover multiple domains (SAN). So one certificate should be enough for all abovementioned (sub)domains.
(And non-automatic certificate renewal is a real pain [I have to add].)
I totally agree on that one. Certbot definitely supports wildcard certificates and AFAIK you can just specify multiple domains with the ā-dā option. Marco