Thanks @rg305 and @MikeMcQ. The host in question has some certificates for web domains and runs apache. Would it be possible to "abuse" one of these domains using the --expand option and simply append the desired domains to the resp. certificate?
My other site doesn't run a web server but magically it works with certbot. I have mail.kukulies.org working and I have it configured for postfix in main.cf
##### TLS parameters ######
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.kukulies.org/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mail.kukulies.org/privkey.pem
I wonder now how I managed it for the latter site? Can I find out which challenge I'm using on that site?
Ah, I searched around a bit and found in /etc/letsencrypt/renewal/domain.org,conf a line:
server = https://acme-v02.api.letsencrypt.org/directory
Obviously I was using the acme challenge.
EDIT (again): It looks like using --expand worked for me by expanding an existing certificate
certbot --expand -d exists1.de,mail.mydomain.de,imap.mydomain.de,smtp.mydomain.de,www.mydomain.de,mydomain.de
I got a notification that the certs could not be installed since there were von vhosts of that name
but testing the cert file (fullchain.pem) revealed that the new domains were included.