Hi Kitz
As Chrysalis has posted, you are fully covered on names (see below and this is public data, so it does not compromise your server)
I would think about changing cipher suite though, and adding CAA DNS record(s)
Many thanks
John
Server Key and Certificate #1
Subject kitz.co.uk
Fingerprint SHA256: f23d051bab151f47fe0923b22a2e4738cfdb6bbd51199fef0192f11b7bda8e22
Pin SHA256: A1/v5DHyUcr/SsuIdZxq2B6BUnnFyUHAGnoOjUoFUvU=
Common names kitz.co.uk
Alternative names broadbandinfo.kitz.co.uk broadbandinfo.net cpanel.kitz.co.uk forum.kitz.co.uk kitz.co.uk mail.broadbandinfo.net mail.kitz.co.uk webdisk.broadbandinfo.net webdisk.kitz.co.uk webmail.kitz.co.uk wiki.kitz.co.uk
www.broadbandinfo.kitz.co.uk www.broadbandinfo.net www.forum.kitz.co.uk www.kitz.co.uk www.wiki.kitz.co.uk Serial Number 039d58992ba4ab77707b83069cdd6707128d
Valid from Fri, 27 Apr 2018 12:08:18 UTC
Valid until Thu, 26 Jul 2018 12:08:18 UTC (expires in 2 months and 28 days)
Key RSA 2048 bits (e 65537)
Weak key (Debian) No
Issuer Let's Encrypt Authority X3
AIA:
http://cert.int-x3.letsencrypt.org/ Signature algorithm SHA256withRSA
Extended Validation No
Certificate Transparency Yes (certificate)
OCSP Must Staple No
Revocation information OCSP
OCSP:
http://ocsp.int-x3.letsencrypt.org Revocation status Good (not revoked)
DNS CAA No (more info)
Trusted Yes
Mozilla Apple Android Java Windows
Additional Certificates (if supplied)
Certificates provided 2 (3039 bytes)
Chain issues None
#2
Subject Let's Encrypt Authority X3
Fingerprint SHA256: 25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d
Pin SHA256: YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=
Valid until Wed, 17 Mar 2021 16:40:46 UTC (expires in 2 years and 10 months)
Key RSA 2048 bits (e 65537)
Issuer DST Root CA X3
Signature algorithm SHA256withRSA