When adding a new SSL cert from Letsencrypt to a virtual server, the system automatically creates a cert for the top level domain eg 'mydomain .com'. It doesn't also create one for the 'www' version. As such when accessing the site via 'www.mydomain.com' most browsers throw up a warning about the cert not being valid for the domain/subdomain as the cert only represent 'mydomain.com'
When trying to create a cert for the 'www' subdomain, Virtualmin complains that this isn't possible and that you need to go to the virtual server -> website options. However, it doesn't elaborate on this. So the only logical option seems to be to enable 'website matches all subdomains'. However, this breaks all virtual servers / website using a subdomain of the main domain eg 'sub.mydomain.com'. It also doesn't appear to fix the cert issue.
Can virtualmin be setup to create a ssl cert for both the top/base level domain AND the 'www' subdomain by default? Or is there a way to work around this issues?
Non-expert response, and not even a response related to Letsencrypt. But I was interested in a related question myself when browsing the virtualmin forums this evening, so I may as well answer to you if it may help a bit :)
I learned it for another certificate issuer in the past, it might be valid here too ?
Anyway, you can google it otherwise, you'll now have more keywords to search.
In your generation of crt, you have various fields
CN=mywebsite.com
O= ...
C=...
... and you can have a final line, for Subject Alternative Names, with
SAN=DNS:www.mywebsite.com, DNS:mywebsite.com, DNS:blog.monsite.com
See the idea ?
You may have to add the possibility to use an extension to have it working, no idea if it's working by default or not with virtualmin.
And honestly, no idea how it's faring with virtualmin or webmin here.
But now, at least, there's material for web searches :)