Looking at the code it seems like the client simply uses the first domain passed via -d domain.tld for the Common Name field in your certificate. Basically, passing moodle.bohemia-chrudim.cz as the first domain to the client should do the trick.
Note that the Common Name isn’t used for anything other than displaying purposes (and theoretically backwards compatibility with very old clients) if the SAN extension field exists in the certificate.
Yes, trick to pass moodle.bohemia-chrudim.cz as first should be solution… but at letsencrypt-auto is no way to select order of selected domains.
In my case after executing of letsencrypt-auto I got list of 70 domains valid for certificate issue. Order names in this list where absolutelly random (for me)… order was not in same order as in apache configuration, but some randomized order. So moodle.sportovniskola.bohemia-chrudim.cz where really my first selected domain… and my prefered domain moodle.bohemia-chrudim.cz where at 4th place (I think)… I have no way, how move it to first place … for example by Page Up or Page Down
Ah, I didn’t think about the apache plugin. My guess is that it shows the domains in the order it encounters them in apache config files. Since this is probably a rather uncommon use-case, I would switch to something like webroot mode and manually pass the domains in the order needed.
For some reason, that’s not the effect (at least when I tested it a few weeks ago). When LE listed the domains in my vhost files, the alternate subdomains weren’t even be listed together with the main one, like www.example.com wouldn’t necessarily be listed with example.com, even if those were the only two in the same vhost file.
I’d also encourage a possibility to set the CN in the menu. otherwise I’ll have to make a wrong certificate first and then make one by ‘hand’ again.
I ran into the rate limit before getting it right