I have a few websites hosted on a shared hosting server which provides free SSL certificates from Let’s Encrypt. One problem is that my domains and subdomains have been getting fewer unique certificates than the number of domains I have. So a few websites can be clumped together under a single domain and have the other domains listed as subject alternative names, rather than each getting its unique certificate.
This means that when someone visits myfirstwebsiteexample.com (not the real domain) and mysecondwebsiteexample.com, viewing the certificate on either website can show that it’s signed to mysecondwebsiteexample.com and that myfirstwebsiteexample.com is a subject alternative name.
This is problematic for my purposes as I don’t want the visitors to one website that I run to get the certificate for another. (Especially since some of my subdomains or domains may not be intended for the public.)
When I raised the issue with tech support, they said that’s normal and there’s nothing that can be done about that. I find that hard to believe, in part because it sounds like such a bad idea to merge the certificates of distinct websites, and in part because my previous host had each certificate specific to each domain.
So I asked their sales as well as the sales of another shared host which uses Let’s Encrypt, and I was told by both of them that it indeed should be a unique certificate per domain.
But I want to check here too. Should each domain have its own certificate or is it just the way things are that Let’s Encrypt combines several website domains into a single or smaller number of certificates?