You are correct.
From here:
“Does Let’s Encrypt issue certificates for anything other than SSL/TLS for websites?
Let’s Encrypt certificates are standard Domain Validation certificates, so you can use them for any server that uses a domain name, like web servers, mail servers, FTP servers, and many more.
Email encryption and code signing require a different type of certificate that Let’s Encrypt does not issue.”
So for your mail server if the domain name is the same as the website they can both use the exact same certificate and private key. Now if the mail server is something like mail.vhaan.me then a separate certificate is likely the way you’re trying to go.
mail.vhaan.me Then needs to answer the ACME challenge, and is the domain name that needs to be requested on the Certificate command line. You don’t need a certificate for vhaan.me