According to my web browsers, Let’s Encrypt’s certificate for my domain.org domain is being issued as www.domain.org (despite, in the email from Dreamhost with the certificate itself, it had been described as being for domain.org).
In WordPress, I have my site setup to use domain.org (I don’t want to use www.domain.org). So I changed the domain name control in DH to redirect www.domain.org to domain.org. Therefore, as best I can see, I’m unable to use the Let’s Encrypt cert for my site. I get (e.g. in FireFox) the error SSL_ERROR_BAD_CERT_DOMAIN.
If I now create a new self-signed certificate, I can see that it’s being issued for domain.org not www.domain.org. If I test this, the browser complains that the cert is self-signed, but otherwise has no issue at all with the certificate’s domain. So this is working as expected. If I remove the self-signed cert and reapply the Let’s encrypt cert, my browser complains again that it’d only valid for www.domain.org.
Any suggestions? I know the Let’s Encrypt certificates are supposed to be good for domains with and without the www prefix but that’s not what I’m seeing.