Firefox does not trust this site since it uses a certifcate which is not valid for www.example.com. Certificate is only valid for example.com.
Error code: SSL_ERROR_BAD_CERT_DOMAIN
I'm using Let's Encrypt on Ubuntu 16, Apache httpd.
How do I add so it also works for www? Some conf in Apache I guess?
Cant find anything about it.
Assuming you have installed certbot (docs for your version of Ubuntu and Apache), you should use the -d command line switch to list the domains you want the certificate to work for. From the docs:
-d DOMAIN, --domains DOMAIN, --domain DOMAIN Domain names to apply. For multiple domains you can use multiple -d flags or enter a comma separated list of domains as a parameter. The first domain provided will be the subject CN of the certificate, and all domains will be Subject Alternative Names on the certificate. The first domain will also be used in ...
If you want to do a dry run to test, use certonly and --dry-run (you'll have to run as root or with sudo):
certbot certonly --dry-run -d www.example.com -d example.com
If it looks like everything is OK, actually generate, install and activate the certs with (note this will restart Apache):
certbot --apache -d www.example.com -d example.com
certbot will make the required edits to your Apache config for you.
If you you'd rather make the edits manually, use the webroot option. The docs for that option include an example of doing this for multiple domains, including example.com and www.example.com. Removing the other domains from that example to simplify for this case:
certbot certonly --webroot -w /var/www/example -d www.example.com -d example.com
You'll need to restart Apache yourself for the new certificates to be used when using this option.